Service Design Center for Device Assisted Services

ABSTRACT

A technique involves modular storage of network service plan components and provisioning of same. A subset of the capabilities of a service design system can be granted to a sandbox system to enable customization of service plan offerings or other controls.

BACKGROUND

Today, end user devices (such as a mobile phone, tablet computer, or notebook computer) sign up for one or more mutually exclusive service plans (e.g., text messages, voice, or data) before being allowed to use an access network. The service plans usually are either pre-paid or post-pay. Depending on which service plans a user subscribes, a cost of using the access network can vary. The access network determines whether the requested use is for the mutually exclusive categories of text messages, voice, or data. Once the appropriate service plan is determined, the access network can use a policy of the service plan to determine the cost for the use. However, a user is limited to selecting one service plan from each of these three mutually exclusive categories, and thus the user is limited in selecting how he/she wants to use the access network. For example, a user cannot select multiple data plans for various data services to customize an end user device's use of the access network.

The configuration of the access network to implement a particular service plan is also very difficult. For example, to create a service plan for data services, employees of the carrier that operate the access network will discuss basic attributes of the plan (e.g., whether to charge by MB or to be unlimited), and the cost of the plan. Then, an employee will enter into a network device the policy to track use of the access network (e.g., if the former is chosen) for end user devices that subscribe to the particular data plan. An employee also enters a policy into another network device for allowing end user devices that subscribe to the data plan to use the access network. This cumbersome process makes the design of the service plan rigid, time-consuming, and prone to errors, thereby taking a long time to complete and have users begin selecting the data plan for their data services.

The foregoing example of trends and issues is intended to be illustrative and not exclusive. Other limitations of the art will become apparent to those of skill in the relevant art upon a reading of the specification and a study of the drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 depicts an example of a system including an access network and a network service plan provisioning system.

FIG. 2 depicts a conceptual diagram of an example of a hierarchical structure useful for understanding service plan design and provisioning.

FIGS. 3A through 3AB depict screenshots of a specific implementation of a service design system.

FIG. 4 depicts a flowchart of an example of a method for creating subscriber groups.

FIG. 5 depicts a flowchart of an example of a method for creating service plan components.

FIG. 6 depicts a flowchart of an example of a method for creating service plans from service plan components.

FIG. 7 depicts a flowchart of an example of a method for creating service plan catalogs from subscriber groups and service plans.

FIG. 8 depicts an example of system including an access network and a network service plan provisioning sandbox system.

FIG. 9 depicts a conceptual diagram of an example of a service design system sandbox implementation.

FIG. 10 depicts a conceptual diagram of an example of a service design system sandbox implementation.

FIG. 11 depicts an example of a computer system on which techniques described in this paper can be implemented.

DETAILED DESCRIPTION

FIG. 1 depicts an example of a system 100 including an access network 102 and a network service plan provisioning system 104. In the example of FIG. 1, the access network 102 receives network element provisioning instructions to enforce plan policies from the network service plan provisioning system 104. In a specific implementation, the network service plan provisioning system 104 can receive service plan selection data from the access network, and provide new instructions based upon the selection.

The access network 102 can include a network that can provide network services to a device. The access network 102 can include a wireless network (e.g., WiFi, cellular, or some other wireless technology) and/or a wired network (e.g., LAN or DSL). Wireless or wired devices can be referred to as “on” the access network 102 when the devices complete relevant association, authentication, and/or other procedures that enable to devices to obtain the services offered on the access network 102 in accordance with applicable known or convenient techniques. Advantageously, the devices can have inter-network policies that are provided by the network service plan provisioning system 104 in accordance with techniques described in this paper. Inter-network policies, as the term is used in this paper, refer to traffic control, charging, and notification policies that remain in effect after a device passes from one network to another (e.g., by roaming). Intra-network policies, on the other hand, refer to control traffic control limited to the boundaries of a network (e.g., in-network traffic control, charging, and/or notification policies, plus an optional traffic control policy that permits or prevents roaming to another network).

It is likely that it will be desirable to couple the access network 102 to another network. Networks can include enterprise private networks and virtual private networks (collectively, private networks), which are well known to those of skill in computer networks. As the name suggests, private networks are under the control of an entity rather than being open to the public. Private networks include a head office and optional regional offices (collectively, offices). Many offices enable remote users to connect to the private network offices via some other network, such as the Internet, a public switched telephone network (PSTN), or the like. As used in this paper, a private network is intended to mean a network that is under the control of a single entity or hierarchy of entities. This is typically the case for cellular networks, wireless infrastructure networks, company LANs and WANs, and the like.

In the example of FIG. 1, the access network 102 and the network service plan provisioning system 104 may or may not be on the same private network, or a first entity may own or control a portion of the access network 102 and a second entity may own or control a portion of the access network 102 as well as the network service plan provisioning system 104. For example, a carrier may include the network service plan provisioning system 104, but the access network 102 may include a WiFi network owned by a local business entity. Advantageously, in a specific implementation, the carrier can continue to provide policy control while a subscriber is on the access network 102. Where the access network 102 includes a cellular network of the carrier in this example, even greater policy control may be possible.

It should be noted that a subscriber can be defined broadly to include any applicable device on the access network 102. For example, the access network 102 could include parking meter devices, food-dispensing machines, and automobile onboard computers, as well as smart phones and other devices frequently used by humans.

In the example of FIG. 1, the network service plan provisioning system 104 includes a service design engine 106, a service plan datastore 108, an optional policy enforcement priority rule datastore 110, an enforcement element provisioning instruction translation engine 112, a network provisioning instruction set 114, a network element provisioning engine 116, and analytics engine 118, a historical datastore 120 and a service plan selection engine 122.

The service design engine 106 inputs service plan data structures and other related data that is described later in more detail into the service plan datastore 108. Engines, as described in this paper, refer to computer-readable media coupled to a processor. The computer-readable media have data, including executable files, that the processor can use to transform the data and create new data. An engine can include a dedicated or shared processor and, typically, firmware or software modules that are executed by the processor. Depending upon implementation-specific or other considerations, an engine can be centralized or its functionality distributed. An engine can include special purpose hardware, firmware, or software embodied in a computer-readable medium for execution by the processor. As used in this paper, a computer-readable medium is intended to include all mediums that are statutory (e.g., in the United States, under 35 U.S.C. 101), and to specifically exclude all mediums that are non-statutory in nature to the extent that the exclusion is necessary for a claim that includes the computer-readable medium to be valid. Known statutory computer-readable mediums include hardware (e.g., registers, random access memory (RAM), non-volatile (NV) storage, to name a few), but may or may not be limited to hardware.

Datastores, as described in this paper, can be implemented, for example, as software embodied in a physical computer-readable medium on a general- or specific-purpose machine, in firmware, in hardware, in a combination thereof, or in an applicable known or convenient device or system. Datastores in this paper are intended to include any applicable organization of data, including tables, comma-separated values (CSV) files, traditional databases (e.g., SQL), or other applicable known or convenient organizational formats. Datastore-associated components, such as database interfaces, can be considered “part of” a datastore, part of some other system component, or a combination thereof, though the physical location and other characteristics of datastore-associated components is not critical for an understanding of the techniques described in this paper.

The service plan datastore 108 can store service plan data structures. As used in this paper, a data structure is associated with a particular way of storing and organizing data in a computer so that it can be used efficiently within a given context. Data structures are generally based on the ability of a computer to fetch and store data at any place in its memory, specified by an address, a bit string that can be itself stored in memory and manipulated by the program. Thus some data structures are based on computing the addresses of data items with arithmetic operations; while other data structures are based on storing addresses of data items within the structure itself Many data structures use both principles, sometimes combined in non-trivial ways. The implementation of a data structure usually entails writing a set of procedures that create and manipulate instances of that structure.

In an example of a system where the service plan datastore 108 is implemented as a database, a database management system (DBMS) can be used to manage the service plan datastore 108. In such a case, the DBMS may be thought of as part of the service plan datastore 108 or as part of the service design engine 106 and/or the enforcement element provisioning instruction translation engine 112, or as a separate functional unit (not shown). A DBMS is typically implemented as an engine that controls organization, storage, management, and retrieval of data in a database. DBMSs frequently provide the ability to query, backup and replicate, enforce rules, provide security, do computation, perform change and access logging, and automate optimization. Examples of DBMSs include Alpha Five, DataEase, Oracle database, IBM DB2, Adaptive Server Enterprise, FileMaker, Firebird, Ingres, Informix, Mark Logic, Microsoft Access, InterSystems Cache, Microsoft SQL Server, Microsoft Visual FoxPro, MonetDB, MySQL, PostgreSQL, Progress, SQLite, Teradata, CSQL, OpenLink Virtuoso, Daffodil DB, and OpenOffice.org Base, to name several.

Database servers can store databases, as well as the DBMS and related engines. Any of the datastores described in this paper could presumably be implemented as database servers. It should be noted that there are two logical views of data in a database, the logical (external) view and the physical (internal) view. In this paper, the logical view is generally assumed to be data found in a report, while the physical view is the data stored in a physical storage medium and available to a specifically programmed processor. With most DBMS implementations, there is one physical view and an almost unlimited number of logical views for the same data.

A DBMS typically includes a modeling language, data structure, database query language, and transaction mechanism. The modeling language is used to define the schema of each database in the DBMS, according to the database model, which may include a hierarchical model, network model, relational model, object model, or some other applicable known or convenient organization. An optimal structure may vary depending upon application requirements (e.g., speed, reliability, maintainability, scalability, and cost). One of the more common models in use today is the ad hoc model embedded in SQL. Data structures can include fields, records, files, objects, and any other applicable known or convenient structures for storing data. A database query language can enable users to query databases, and can include report writers and security mechanisms to prevent unauthorized access. A database transaction mechanism ideally ensures data integrity, even during concurrent user accesses, with fault tolerance. DBMSs can also include a metadata repository; metadata is data that describes other data.

In a specific implementation, the service design engine 106 inputs policy enforcement priority rule data structures in the policy enforcement priority rule datastore 110. An aspect of policy control described in this paper entails the superposition of a first traffic classification filter of a service plan over a second traffic classification filter of the service plan. There is more than one way to accomplish this superposition including, for example, ordering the first and second traffic classification filter such that the first traffic classification filter is applied to a traffic event before the second traffic classification filter, trapping a match of the first traffic classification filter in a kernel until the second traffic classification filter is matched (then applying a first relevant action of an action list), or applying an explicit policy enforcement priority rule. Because implicit policy enforcement priorities can be used, the policy enforcement priority rule datastore 110 is optional. It should be noted that explicit policy enforcement priorities can be mandated in accordance with implementation- and/or configuration-specific parameters or a combination of implicit and explicit policy enforcement priorities can be used. In a specific implementation, explicit priorities trump implicit priorities (e.g., ordering).

In the example of FIG. 1, the enforcement element provisioning instruction translation engine 112 converts service plan data structures in the service plan datastore 108 into respective network provisioning instruction set data structures, which are stored in the network provisioning instruction set datastore 114. The translation engine 112 can also convert the relevant policy enforcement priority rule data structures from the policy enforcement priority rule datastore 110, if applicable, for inclusion in the network provisioning instruction set data structures.

In the example of FIG. 1, the network element provisioning engine 116 provides network element provisioning instructions to enforce plan policies to the access network 102. The network element provisioning instructions are applicable to one or more devices that may or may not currently be on the access network 102. In a specific implementation, the network element provisioning instructions are sent to the access network 102 only when the applicable one or more devices are on the access network 102.

In the example of FIG. 1, the analytics engine 118 receives data from the access network 102, which can include subscriber feedback or instructions. For the purposes of this example, the data is presumed to include service plan selection data, which is used by the service plan selection engine 122. The analytics engine 118 can modify the data in a manner that is useful to the network service plan provisioning system 104, which can include triggering actions based upon feedback or instructions from the access network 102. The data can be stored in the historical datastore 120, which can be used by the service design engine 106. For example, the service design engine 106 can specify whether more or less data should be requested from the device (e.g., based upon network state), determine whether to reduce counts or other notifications, specify parameters that are to be recorded within classifications, or the like.

Network state can be associated with a network busy state (or, conversely, a network availability state). A network availability state can include, for example, a state or measure of availability/capacity of a segment of a network (e.g., a last edge element of a wireless network). A network busy state can include, for example, a state or measure of the network usage level or network congestion of a segment of a network (e.g., a last edge element of a wireless network). In some embodiments, network availability state and network busy state are inverse measures. As used herein with respect to certain embodiments, network availability state and network busy state can be used interchangeably based on, for example, a design choice (e.g., designing to assign background policies based on a network busy state or a network availability state yields similar results, but they are different ways to characterize the network performance and/or capacity and/or congestion). In some embodiments, network availability state and network busy state are dynamic measures as such states change based on network usage activities (e.g., based on a time of day, availability/capacity level, congestion level, and/or performance level). In some embodiments, differential network service usage control of a network service usage activity is based on a network busy state or network availability state. In a specific implementation, there are four levels of network busy state (not busy, light, medium, critical).

In the example of FIG. 1, the service plan selection engine 122 receives service plan selection data from the analytics engine 118. The service plan selection data can be from a device on the access network 102, originate from the access network 102, or a combination thereof. In a specific implementation, the service plan selection data is entered at a device by a user and forwarded to the service plan selection engine 122 through the access network 102.

Upon receipt of the service plan selection data, the service plan selection engine 122 can, if appropriate, select a new network provisioning instruction set in the network provisioning instruction set 114 for provisioning to the access network 102 in the manner described previously. (The service plan selection engine 122 may or may not be capable of triggering the service design engine 106 to modify a service plan, which is translated into a network provisioning instruction set for selection by the service plan selection engine 122.)

FIG. 2 depicts a conceptual diagram 200 of an example of a hierarchical structure useful for understanding service plan design and provisioning. The conceptual diagram 200 includes a collection of datastores associated with service plans 202, a collection of datastores associated with subscribers 204, a plan catalogs datastore 206, and a service design engine 208.

The collection of datastores 202 includes a filters datastore 210, a components datastore 212, a plans datastore 214, a rules datastore 218, a traffic control rule data structure 220, a charging data structure 222, and a notification data structure 224. The filters datastore 210 can include, for example, traffic control filter data structures that, when used, allow, block, throttle, delay (for a fixed period of time), and defer (until an event) a matched traffic event. Aspects of a traffic event to which a filter is mapped can include, for example, by remote destination, by application, by content (e.g., generic content such as streaming, specific content identifiable using regular expressions, etc.), by protocol, by port, by target operating system, to name several. In the context of service design, it has proven convenient to offer designers filter packages that combine a traffic control filter with an action. Such actions can include notify (which triggers a notification to be sent to a notification destination), cap (which increments a count), trap (which traps a match at the kernel level to see if another filter is matched later), and instructions (which can result in some other instruction to be executed).

The components datastore 212 can include, for example, a set of filter packages, including at least one filter, and a set of policies. Because components can inherit policy, it is not an explicit requirement that a component include at least one policy. However, when a component is assembled in a service plan offering, the component will have either a policy in the set of policies or will inherit a policy.

The plans datastore 214 can include, for example, a hierarchy of components. The components are organized into classes, which can include, for example, carrier, network protection, application (paid or sponsored), interceptor (marketing interceptor or parental control), bulk, post-bulk, and end-of-life. It at least one implementation, the end-of-life class is handled by a default, rather than a component that is stored in the components datastore 212.

The rules datastore 218 includes policy rules. For illustrative purposes, three policy type data structures are depicted as directed toward the rules datastore 218: traffic control policy data structure 220, charging policy data structure 222, and notification policy data structure 224. The traffic control policy data structure 220 can include a variety of filter packages designed to control the flow of traffic, such as allow or block, and take certain actions in association with the traffic control, such as cap-and-match. The charging policy data structure 222 can be directed to a user or a sponsor (who can subsidize network service usage) and can include a charging code.

The notification policy data structure 224 can be directed to a user, a sponsor, or an engine that takes further action in accordance with variables or constant parameters in the notification and can include content for use by the target of the notification and a trigger (e.g., a selectable button that results in the execution of relevant instructions). Notification types include plan limit thresholds (plan has reached a specified % of charging policy cap), plan cap limit (requested network activity has been capped because charging policy cap has been reached), plan limit overage (overage has reached a specified %; offer the option of overage, new service plan, block ongoing usage, etc.), plan expiration (plan expired; offer option to buy a new plan), activity block event (activity blocked by filter or activity state change), no capable plan (plan does not support the requested network activity, which has been blocked), marketing interceptor (specific message or offer based on current activity or status), promotional message (overview of what plan provides), upsell offer (upsell tiered plan based on current usage). Notification actions can be added to notifications to make them “actionable,” which means that a recipient of the notification can provide feedback or instructions in response to the notification. Notification actions can include, for example, OK/dismiss, cancel, acknowledge, buy (links to buy workflow), more info (e.g., more information regarding why a traffic event was blocked, suggestions for traffic activity changes or service plan purchase), back (call a previous workflow screen), next (call a next workflow screen), launch (launch URL or application). Notification customizations can include foreground, background, foreground/background (display in foreground if activity is in foreground and in background otherwise), title, subtitle, text, icon, buttons/actions, “do not show again” (will not show again for a specified time), default target button (specifies a default response action), or the like.

The collection of datastores associated with subscribers 204 includes a subscribers datastore 226 and a subscriber groups datastore 228. The subscribers datastore 226 includes subscriber data structures that include information about subscribers. A minimalist subscriber data structure is likely to at least include a subscriber identification that is unique within the system 200 or universally, such as an International Mobile Subscriber Identity (IMSI). It may also be useful to include such information as a phone number, device type, and/or International Mobile Equipment Identity (IMEI).

The subscriber groups datastore 228 includes subscriber group data structures that include groupings of subscribers. The types of groupings that can be done in a system depends upon the amount of information that is known about subscribers. For example, subscribers can be grouped by device type, device characteristics, demographic characteristics of the subscriber, region, etc.

The plan catalogs datastore 206 includes plan catalog data structures that are available to consumers or providers of network service plans. The plan catalog data structures are combinations of components from the collection of datastores associated with service plans 202 and the collection of datastores associated with subscribers 204.

The service design engine 208 can manage the datastores depicted in the example of FIG. 2. Aspects of service design and/or provisioning can be assigned to agents of the system 200. The amount of control over the system that an agent is granted is based upon the role of the agent, which can be recorded in the roles datastore 230. Roles can be set to super user, portal admin, system admin, or some other role that is applicable to the capabilities of the design center (e.g., whether it is a carrier design center, or a sandbox for an enterprise, applications developer, community-based organization, gifting organization, Mobile Virtual Network Operator (MVNO), etc.) and the human agent who is using the system.

Screenshots of a user interface for a specific implementation of a service design engine, such as the service design engine 208, can be used to illustrate some of the functionality of the service design engine 208. FIGS. 3A-3AB depict screenshots of a User Interface (UI) for a specific implementation of a service design system.

In the example of FIG. 3A, following login, a designer is directed to a service design center UI home page with an open tasks field 302, a recent activity field 304, and a menu buttons field 306. The open tasks field 302 can include drafts that are awaiting approval, beta tests that are awaiting publication/deployment, and deployed plans that are targeted for termination, or other open tasks. The recent activity field 304 can include as much or as little information as is deemed useful to designers.

The menu buttons field 306 includes eight buttons, a subscribers button, a subscriber group button, a plans button, a plan catalogs button, a templates button, a reports button, a settings button, and a my profile button. Selecting the my profile button brings a designer to screenshot 300B (FIG. 3B), where the designer can enter information such as first name, last name, password, and role. Roles can be set to super user, portal admin, system admin, or some other role that is applicable to the capabilities of the design center (e.g., whether it is a carrier design center, or a sandbox for an enterprise, applications developer, community-based organization, gifting organization, Mobile Virtual Network Operator (MVNO), etc.) and the particular designer who is using the system.

Selecting the settings button of the menu buttons field 306 brings a designer to screenshot 300C (FIG. 3C), where the designer can select a roles tab, a users tab, or a presets tab from a tabs menu 308. Selecting the Roles tab from the tabs menu 308 enables a designer to add roles, such as component editor, plan creator, plan group publisher, plan viewer, report viewer, and system admin. It may be noted that a designer will not necessarily be able to view all roles in this tab and, in a likely implementation, may be unable to create roles with rights the designer does not have (e.g., a system admin may have fewer rights than a super user and different rights than a portal admin). Selecting the Users tab from the tabs menu 308 enables a designer to add and edit users. In the example of FIG. 3D (screenshot 300D), the user das has been selected, and das' details, such as username (email address), first name, last name, whether the user is enabled, roles, and available roles are depicted. Selecting the Presets tab from the tabs menu 308 enables a designer to choose a default plan icon as depicted in the example of FIG. 3E (screenshot 300E).

Selecting the subscribers button of the menu buttons field 306 and selecting a new subscriber brings a designer to screenshot 300F (FIG. 3F). In this specific implementation, the subscriber information includes a device name, subscriber group, owner name, locale, EID, phone number, device type, operating system version, CDMA subscriber details, and GSM/LTE subscriber details. This information can also be edited for subscribers that are already in the subscribers datastore.

Selecting the subscriber groups button of the menu buttons field 306 brings a designer to screenshot 300G (FIG. 3G), where the designer can select a properties tab or an import tab. Choosing to create a new subscriber group prompts the designer to enter a group name and description, and to drag subscribers into the group. Selecting the import tab enables the designer to import subscribers from a subscribers datastore in a batch operation. See, e.g., FIG. 3H, screenshot 300H. Information can also be edited for subscriber groups that are already in the subscriber groups datastore.

Selecting the plans button of the menu buttons field 306 and selecting a new plan brings a designer to screenshot 300I (FIG. 3I). In this specific implementation, the plan information includes a plan icon, a plan name, a plan short description, a plan description, a plan version, a plan type (e.g., sponsored, paid, or carrier), an “is default” checkbox, an “is repurchaseable” checkbox, a billing price, and a display price (in case the billing price is not the same as the billing price). A next screenshot 300J (FIG. 3J) enables entry of further information about the plan, including charging policy (e.g., based on data used or time spent, usage limits and overage allowances), billing policy (e.g., one-time or recurring, usage reporting, and pre- or post-billing). It is possible in this specific implementation to show a policy label on the device and include billing identifiers. A charging code can also be created or selected by the designer. A next screenshot 300K (FIG. 3K) includes an option to add components, either by creating a new component or cloning an existing component. In the example of FIG. 3K, three components have been added to the list of components for the plan, with explicit priorities 1, 2, and 3. Note that in this specific implementation, the number of tabs in the tab menu 310 increases as data is entered for the plan until the tab menu 310 includes a properties tab, a charging & billing tab, a components tab, a policy events tab, and a review tab.

When the designer selects a component, such as the “Copy of No Youtube,” a component screenshot 300L (FIG. 3L) is displayed, which includes a tab menu 312 that includes a properties tab, a filters tab, and a policy events tab. (The tab menu 312 can also include a charging policy tab if a charging policy is defined for the component.) Selecting the properties tab from the tab menu 312 enables the designer to edit the component name, service class (e.g., carrier, network protection, sponsored, specialized application, market interceptor, parental control, open access, and post-bulk), and whether the component has a charging policy explicitly defined or inherits the charging policy from the plan. It may be noted that the service class could be characterized to include an “end-of-life” service class for when a subscriber has no remaining service plan options, but in this specific implementation the end-of-life setting is not listed as a service class (described later).

Selecting the filters tab from the tab menu 312 brings the designer to screenshot 300M (FIG. 3M), where filters can be chosen for a selected component (in this example, the “No Youtube” component). When the designer selects a filter to edit, the designer is brought to screenshot 300N (FIG. 3N), which facilitates editing of the filter name, description, whether the filter is associative only, whether the filter is “no-match,” filtering parameters (e.g., filter by remote destination, filter by application, filter by target operating system, filter by content, filter by protocol, filter by port), and whether and how to display in a launcher widget.

Selecting the policy events tab from the tab menu 312 and creating a new policy event brings the designer to screenshot 300O (FIG. 3O) where the designer can select policy events based upon network state when certain conditions (e.g., cap & no match, cap & match, block for a device, disallow and match, disallow and no match, in this network state, transitioning into this network state, and transitioning out of this network state) are met. Continuing to the next screenshot 300P (FIG. 3P), the designer enters event properties, such as the name of the policy event, a description, whether to display notifications associated with the event in foreground or background, whether to send notification results to service, maximum number of times to send the notification, and whether the user can suppress future notifications. Note that in this specific implementation, the number of tabs in the tab menu 314 increases as data is entered for the policy event until the tab menu 314 includes a policy event tab, a properties tab, a messages tab, and a buttons tab.

Continuing to the next screenshot 300Q (FIG. 3Q), the designer enters message details, such as title, subtitle, short text, and long text. Clicking on “how to use variables” instructs the designer regarding what variables can be added to notifications, such as name of service plan, charging code name, filter (e.g., blocked, throttled, etc.), percentage of plan utilization in bytes or time, application name, overage limit, current overage, throttle rate, date when cycle will refresh, duration of cycle, name of plan matched after current plan reached a cap, name of plan matched after disallow matched, current roaming state, current active network, or host or domain, to name several.

Continuing to the next screenshot 300R (FIG. 3R), the designer determines whether to display upsell plans and enters buttons to enable subscriber responses to the notification (in this example, the view catalog and cancel buttons are enabled). The phone image 316 is intended to illustrate how the message and buttons will appear within a device, though the image will not necessarily be a perfect representation.

When returning to the plan level (see FIG. 3K), the designer can select the policy events tab from the tab menu 310 to display screenshot 300S (FIG. 3S) and enter policy events at the plan level. It may be noted that the policy events described with reference to the examples of FIGS. 3O to 3R were associated with an individual component. In the example of FIG. 3S, a policy event associated with the network state “on a WiFi network” and on a Monday through Friday causes a notification to be sent when a cap and match is seen. Other policy event parameters can be set in a manner similar to those described with reference to FIGS. 3P to 3R.

Upon completion of the plan described with reference to FIGS. 3I to 3S, the designer can select the review tab from the tab menu 310 (see, e.g., FIG. 3K) to display screenshot 300T (FIG. 3T). It may be noted that the review screen is “cut off,” which prevents observation of policy events, but this is not necessary to understand the nature of the review screen. In this example, the plan, which is stored as a “draft” plan, can be published for beta testing (and submitted for approval).

Referring back to the home page (see, e.g., FIG. 3A), selecting the plan catalogs button from the menu buttons field 306 brings a designer to screenshot 300U (FIG. 3U). There, the designer can enter a plan catalog name, a plan catalog description, and a plan catalog version (or select a plan catalog from plan catalogs in a plan catalogs datastore). When the designer clicks “next,” the tab menu expands into a tab menu 318, which includes the properties tab, a plans tab, a plan priorities tab, a tabs tab, a subscriber groups tab, an LCP error tab, an upsells tab, a promotions tab, and a review tab, as is illustrated in the example of FIG. 3V. Under the plans tab, the designer can drag plans into a plan catalog.

When the designer selects the plan priorities tab from the tab menu 318, the designer is brought to screenshot 300W (FIG. 3W), where the plans of the plan catalog can be prioritized. The plans are prioritized per plan type (e.g., carrier plan, paid plan), and if there are multiple plans within a plan type, the plans can be prioritized within the plan types, as well. Some or all of the plans can also be designated as available upon activation. With versioning, subscribers having a previous plan version can continue to use the previous version, while new subscribers can be offered the most recent version. If an old plan expires, a subscriber can be offered the most recent version, as well.

When the designer selects the tabs tab from the tab menu 318, the designer is brought to screenshot 300X (FIG. 3X), where the designer can organize tabs for display of plans. A subscriber's device can display, for example, one or more tabs such as games, social, productivity, media, free, paid, and all, and under the tabs the various plans can be listed in an order that is determinable by the designer.

When the designer selects the subscriber groups tab from the tab menu 318, the designer is brought to screenshot 300Y (FIG. 3Y), where the designer can drag and drop subscriber groups.

A Lacks Compatible Plan (LCP) error occurs when a traffic event is received for which there is no active service plan. LCP errors can be treated as a particular kind of policy event. As when designating the parameters of policy events, when the designer selects the LCP errors tab from the menu 318, the designer has options similar to those described above with reference to FIGS. 3P to 3R. That is, the designer can choose applicable end-of-life properties, messages, and buttons.

Upsells occur when offered from a component, plan, or plan catalog, and can be responsive to traffic events (e.g., an upsell for cheaper network service when using Facebook applications can occur when a subscriber consumes more expensive network services to use Facebook applications) or other events. When the designer selects the upsells tab from the menu 318, the designer can edit upsell opportunities offered from, e.g., notifications within a plan catalog or any of its plans or components. Upsells can be edited much like policy events (e.g., properties, messages, and buttons).

Promotions can be offered once or periodically. When the designer selects the promotions tab from the menu 318, the designer can edit a frequency of a promotion in screenshot 300Z (FIG. 3Z). Promotions can be edited much like policy events (e.g., properties, messages, and buttons).

When the designer selects the review tab from the menu 318, the designer can review the plan catalog as is illustrated in screenshot 300AA (FIG. 3AA).

Referring back to the home page (see, e.g., FIG. 3A), selecting the templates button from the menu buttons field 306 enables a designer to work on filter templates. Because components can have versions, it can be desirable to create templated filters that, when placed in a component, automatically create a copy of the templated filter. That way, when the filter is changed for one version, it is not changed for another. It is also possible to simply reuse a filter in components, in which case if the filter is changed, it is changed for all of the components into which it was reused.

Selecting the reports button from the menu buttons field 306 enables a designer to review reports. FIG. 3AB depicts a screenshot 300AB with reports that are broken into several categories including, usage, revenue, popularity, health (fraud), per subscriber, and other. Reports are generated using information that is available from datastores of the service design system, which can include data in notifications from subscriber devices or, more generally, access networks.

FIG. 4 depicts a flowchart 400 of an example of a method for creating subscriber groups. This flowchart and other flowcharts are depicted in the figures of this paper as serially arranged modules. However, modules of the flowcharts may be reordered or arranged for parallel execution as appropriate.

In the example of FIG. 4, the flowchart 400 starts at module 402 with creating a subscriber record. The term “record” as used in this paper can refer to a data structure of any applicable format saved in a data store. A subscriber record can include such information as device name, owner name, EID (e.g., IMSI or Country Code+Operator Code+MIN), device type, subscriber group, locale, phone number (e.g., MSISDN or MDN), operating system version, CDMA subscriber details (e.g., Device ID/MEID and/or MSID), and GSM/LTE subscriber details (e.g., IMSI and/or IMEI). Generally, more information will enable designers to group subscribers together in different ways (e.g., by demographic information), which can result in improved accept rates for targeted notifications.

In the example of FIG. 4, the flowchart 400 continues to module 404 with storing the subscriber record in a service design system subscriber datastore. Datastore is a general term that can be applied to almost any data storage receptacle. For the purpose of this example, however, a specific format is expected. It is possible, and even likely, that the service design system subscriber datastore (and the service design system subscriber group datastore, mentioned later) will have an implementation- and/or configuration-specific, though not necessarily proprietary, format. The subscriber record is expected to have such a format appropriate for storage in the expected format of the service design system subscriber datastore. In the event subscriber data is received in the service design system in a format other than the expected format, the subscriber record is created (402) in the expected format and populated with some or all of the received subscriber data, and potentially with additional data that is obtained by the service design system (e.g., from a datastore or through an admin or other input process).

In the example of FIG. 4, the flowchart 400 continues to decision point 406 where it is determined whether there is additional subscriber records to be created. If it is determined that there is additional subscriber records to be created (406-Y), then the flowchart 400 returns to module 402 and continues as described previously for the next subscriber record. A “while loop” 408 comprising the modules 402 and 404 and decision point 406 is encompassed in the example of FIG. 4 with a dotted box. The while loop 408 can be executed in batch-mode by importing subscriber data from a data source. The format of the subscriber data can be restricted to the format of the service design system subscriber datastore or formats that a service design engine is capable of converting into the appropriate format. Alternatively or in addition, the while loop 408 can be executed through an input process one subscriber at a time, either when receiving data from a potential or current subscriber, or from an artificial or human agent of the service design system.

If, on the other hand, it is determined that there are no additional subscriber records to be created (406-N), then the flowchart 400 continues to module 410 with creating a subscriber group record from subscriber records in the service design system subscriber datastore. A subscriber group record may or may not have a substantial amount of metadata. For example, a subscriber group record can be assigned a name and description to make it easier to use the subscriber group record when creating service plans for subscriber groups. An alternative field of the subscriber group record is common subscriber data, though this could also be considered part of the description.

In the example of FIG. 4, the flowchart 400 continues to module 412 with storing the subscriber group record in the service design system subscriber group datastore. The issues related to format of subscriber group records are similar to those described previously with reference to module 404.

In the example of FIG. 4, the flowchart 400 continues to decision point 414 where it is determined whether there is additional subscriber group records to be created. If it is determined that there is additional subscriber group records to be created (414-Y), then the flowchart 400 returns to module 410 and continues as described previously for the next subscriber group record. A “while loop” 418 comprising the modules 410 and 412 and decision points 414 and 416 is encompassed in the example of FIG. 4 with a dotted box. The while loop 416 can be executed in batch-mode by importing subscriber records from the subscribers datastore. Alternatively or in addition, the while loop 418 can be executed through an input process one subscriber at a time, either when receiving data from a potential or current subscriber, or from an artificial or human agent of the service design system. For example, an admin could drag and drop available subscribers into a subscriber group, and the service design engine can create a subscriber group record from available subscribers that were added to the subscriber group in this way.

In a specific implementation, a batch of subscriber data can be imported into the service design system and used to populate a subscriber group. It may be noted that the logical flow in the flowchart 400 is to create subscriber records (412) and store the subscriber records (404) repeatedly (406) and then create a subscriber group (410) from subscriber records in the service design system subscriber datastore. However, it is not necessary for the import procedure to create each subscriber record before creating the subscriber group.

In a specific implementation, when a subscriber record with a characteristic that identifies the subscriber record as part of an existing subscriber group record is created and stored in the service design system subscriber datastore, that subscriber may or may not automatically be added to the existing subscriber group record (or an update procedure could add any subscriber records having the relevant characteristics that were not previously added to the subscriber group record when initiated by a subscriber or agent of the service design system).

Referring once again to decision point 414, if it is determined that there are no additional subscriber group records to be created (414-N), then the flowchart 400 continues to decision point 416 where it is determined whether there are additional subscriber records to be created. If it is determined that additional subscriber records are to be created (416-Y), then the flowchart 400 returns to module 402 and continues as described previously. If, on the other hand, it is determined that no additional subscriber records are to be created (416-N), then the flowchart ends. It may be noted that in a typical implementation, the method could be restarted at module 402 or module 410 if there is an other subscriber record or another subscriber group record to be created. Therefore, the end is a logical end to the flowchart 400, but the process can continue as needed.

FIG. 5 depicts a flowchart of an example of a method for creating service plan components. In the example of FIG. 5, the flowchart 500 starts at module 502 with creating a filter instance. A filter record is created by this action, but the term “instance” is used because of the way in which a filter is used in the system. Specifically, a filter can have global characteristics in the sense that if two service plan components incorporate the filter instance and the filter instance is later changed, the changes are applied to both of the service plan components. Thus, there is a single filter instance that is used in multiple components. Alternatively, a filter instance can be created from a template in the sense that if two service plan components incorporate the filter instance and a change is made to one of the filter instances, the changes are not applied to the other filter instance. Thus, each application of the filter template is a separate filter instance. In a specific implementation, filter instances can be explicitly set to be either global or local. It is also possible to create a global filter template (such that changes to the global filter template are applied to all instances of the filter) as well as local filter instances that can be changed within service plan components without the changes cascading through they system.

In the example of FIG. 5, the flowchart 500 continues to module 504 with storing the filter instance in a service design system filter datastore. The service design system filter datastore may have explicit data structure requirements for the filter instance, but will at least include a traffic instance that matches the filter. In a specific implementation, the traffic instances can include traffic events that include a specified remote destination (e.g., a domain or IP address), a specified application (identified by, e.g., name, hash, certificate, signature, other secure ID, etc.), a specified operating system, specified content, a specified protocol (e.g., TCP, UDP, TCP/UDP), or a specified port number. Domain filters can be specified to allow references to be loaded and/or to use associative filtering (e.g., by seconds or by bytes of data). Application filters can be specified to validate applications. Each filter instance stored in the service design system filter datastore can include a filter name and description to make use of the filter easier for human agents.

In a specific implementation, filter instances can be specified to be match or no match filters. A “match” filter does not prevent attempts to match a traffic event to another filter. A “no match” filter prevents a network traffic inspection engine from attempting to match a traffic event to another filter. In a sense, this applies an action to a filter, and the match and no match aspect of a filter can be treated as a filter aspect or an associated action aspect, whichever is more applicable in a given context.

In the example of FIG. 5, the flowchart 500 continues to decision point 506 where it is determined whether there are more filter instances to create. If it is determined that there are more filter instances to create (506-Y) then the flowchart 500 returns to module 502 and continues as described previously for a next filter instance.

If, on the other hand, it is determined that there are no additional filter events to be created (506-N), then the flowchart 500 continues to module 508 with creating a corresponding policy event rule record. The policy event rule enables a service plan component to determine what network state (including any network state) is applicable to a policy event. It may be noted that in a specific implementation, the rules can be created without a corresponding filter (e.g., as a stand-alone rule). The policy event rule becomes applicable when a filter matches a traffic event in a way that is specified by the rule. For example, if a traffic event matches a filter instance such that a network state is detected (e.g., in a network state, transitioning into the network state, or transitioning out of the network state), then a rule that specifies these conditions is applicable. Other examples of specified conditions are when a traffic event is allowed, blocked, throttled, delayed, or deferred, each which could be specified to be match or no match.

Policy rules can also define caps, which are met when a count of, e.g., time or bytes, reaches the defined cap. (It may be noted that a count can be considered part of a notification policy.) When a capped policy event has a counter increment to its defined cap, the filter can change from, e.g., allow (when the cap has not been exceeded) to block, throttle, delay, or defer (when the cap has been exceeded). The capped policy event could similarly go from, e.g., throttle (when the cap has not been exceeded) to throttle more (when the cap has been exceeded) or some other combination of filtering activity before and after a cap has been exceeded.

In the example of FIG. 5, the flowchart 500 continues to module 510 with storing the corresponding policy event rule record in the design system rules datastore. Policy event rules records can include one or more of a traffic control policy, a notification policy, and a charging policy. Traffic control policy rules are associated with the type of filter to which the traffic control policy rule corresponds (e.g., allow, block, throttle, delay, defer, or take no action). The applicable traffic control can be function of network state, device state, service plan usage state, etc.

Notification policy rules are associated with sending information to a party, such as a subscriber, human or non-human agent of a service design system, a program, etc. In a specific implementation, a notification policy record can be given a name and description, and notification details such as whether the notification is in the foreground or background, the destination of the notification (e.g., to a subscriber, to a server, or to some other party), and interaction that is enabled in association with the notification (e.g., number of times the notification is displayed before it is no longer displayed to a user or an option that enables a user to suppress the notification in the future). Notifications to subscribers and human agents of the service design system will typically include human-readable content, such as a title, subtitle, short text, and/or long text description. Notifications to non-human agents may or may not include the same information, and can include instruction sets that make little or no sense when read by a human. In a specific implementation, notifications can include variables that insert data from datastores, about network state, or other data that can vary over time. A service design agent can include selection options (e.g., buttons) in a notification that enable the recipient to provide feedback or instructions. Useful selection options might include, for example, upsell plans, a service offerings catalog, a request for more information, an indication that overage is desired, launching a URL, and/or dismiss. In a specific implementation, a service design system agent can use a graphical user interface that displays a mobile device with the notification as it would be displayed (perhaps without some icons or other features of the mobile device) to make review of the notification convenient.

Charging policy rules are associated with determining how much to bill for usage (in time or bytes). In a specific implementation, a service plan component can inherit charging policy from a plan in which the component is integrated. So, strictly speaking, in such an implementation, a service plan component record need not have a charging policy rule, though when deployed it can have a charging policy rule due to inheritance. Where the charging policy is defined for a component, the charging policy can be based on data used or time, may or may not have an overage allowance (with an optional maximum overage usage), and will have a rate, which can be specified with a charging code.

In the example of FIG. 5, the flowchart 500 continues to module 512 with creating a service plan component record that includes the filter instance from the service design system filter datastore and the policy event rule record in the design system rules datastore. It may be observed that a service plan component will always have a filter and a policy event rule. Assuming the traffic control policy is defined to include “detect” (in addition to allow, block, throttle, delay, defer, to name several), the service plan component can be defined as always including a traffic control policy, where “detect” does nothing more than trigger the policy event when the filter and policy event rule matches a traffic event. Assuming the notification policy is defined to include “none,” the service plan component can be defined as always including a notification policy. Assuming the charging policy is defined to include “inherit,” the service plan component can be defined as always including a charging policy, which is determined when the component is integrated into a plan from which it can inherit the charging policy.

In the example of FIG. 5, the flowchart 500 continues to decision point 514 where it is determined whether more filter instances are to be created. If it is determined that more filter instances are to be created (514-Y), then the flowchart returns to module 502 and continues as described previously (though at module 512, instead of creating a service plan component record, the service plan component record can be modified). If, on the other hand, it is determined that no more filter instances are to be created (514-N), then the flowchart 500 continues to decision point 516 where it is determined whether more policy event rule records corresponding to a filter record are to be created.

If it is determined that more policy event rule records corresponding to a filter record are to be created (516-Y), then the flowchart 500 returns to module 508 and continues as described previously (though at module 512, instead of creating a service plan component record, the service plan component record can be modified). If, on the other hand, it is determined that no more policy event rule records corresponding to a filter record are to be created (516-N), then the flowchart 500 ends.

It may be noted that in a typical implementation, the method could be restarted at module 502, module 508, or module 512 if there is an other filter instance, policy event rule record, or service plan component record to be created. Therefore, the end is a logical end to the flowchart 500, but the process can continue as needed.

FIG. 6 depicts a flowchart 600 of an example of a method for creating service plans from service plan components. For illustrative purposes, it is assumed that filter instances, policy event rule records, and service plan component records that are going to be used in a service plan have already been created. It may be noted that none, some, or all of the filter instances, policy event rule records, and service plan component records could be created at any appropriate point (not depicted) in the flowchart 600. In a specific implementation, the filter instances and policy event rule records can be used at both the service plan component level (see, e.g., FIG. 5) and at the service plan level.

In the example of FIG. 6, the flowchart 600 continues to module 610 with creating a service plan record. The service plan record can include an icon for display on, e.g., subscriber devices, a plan name, a plan short description, a plan description, a plan version, a plan type (e.g., sponsored, paid, or carrier), whether the plan is a default plan, whether the plan is repurchaseable, a billing price, and a display price. Whether a policy label is displayed on a subscriber device can also be set. It may be noted that the service plan record could instead be created after all or a portion of the information associated with the following modules has been provided.

In the example of FIG. 6, the flowchart 600 continues to module 604 with setting charging policy for the service plan. The charging policy can be based on data or time usage and can have a usage limit, with or without overage of some amount, the billing policy cycle can be configured as appropriate (e.g., duration, frequency, report usage, pre- or post-paid billing, etc.). Whether billing identifiers are used (e.g., billing name, carrier service ID, etc.) can also be set. If charging codes are used, charging codes can also be identified and set to the default or not as is appropriate for the service plan. The charging policy can be inherited by service plan components of the plan that are configured to inherit the charging policy of the plan.

In the example of FIG. 6, the flowchart 600 continues to module 606 with hierarchically arranging service plan components in the service plan. The hierarchical arrangement can be explicit (e.g., by indicating priority in a field associated with a component) or implicit in the ordering of the components. In a specific implementation, the components also have service classes. For example, components could fall into the service classes carrier, network protection, sponsored, paid, parental control, marketing intercept, open access/bulk, post-bulk, and no applicable service plan/end-of-life. Thus, hierarchical arrangement of service plan components can refer to hierarchical arrangement of the service plan components relative to one another, to hierarchical arrangement of the service plan components within a service class relative to other service plan components in that service class, or to both.

Depending upon the implementation, service plan components can be designated to have a service class upon creation (or edit), or the component can be assigned to a service class when the component is added to the service plan. For example, a service plan component could be assigned to a “paid” service class, but could also function appropriately if assigned to a marketing intercept service class. Depending upon the implementation, the component could be designated “paid” upon creation and copied to create a similar “marketing intercept” component, or the component could be designated either paid or marketing intercept upon creation (or have no service class designation), and inserted into the relevant service class when arranged in a service plan. Thus, the hierarchical arrangement can be dynamic by service class (e.g., a designer can pick the class into which to arrange a component) or static by service class (e.g., the component is created within a service class). In a specific implementation, a service plan component with a static service class can be explicitly arranged by priority relative to other service plan components within the service class, a service plan component with a dynamically assigned service class can be explicitly arranged by priority relative to other service plan components within the service class, a service plan component with a static service class can be implicitly arranged by priority within the service class, and a service plan component with a dynamically assigned service class can be implicitly arranged by priority within the service class.

In the examples provided in this paper, the carrier service class is generally treated as the highest priority service class. Carrier plans will include basic network policy. In a specific implementation, carrier plans are automatically enforced on a subscriber device and are not offered in a plan catalog.

In the examples provided in this paper, the second highest priority service class, network protection, can be associated with policy designed to protect network resources (e.g., by detecting devices that are consuming too many network resources and throttling or blocking them). Network protection services can have variable billing policies that are selectable by a subscriber (e.g., to enable foreground processing as opposed to background processing, speed, etc.), but a subscriber may or may not have the ability to modify network protection policy, depending upon the implementation.

In the examples provided in this paper, the third highest priority service class, sponsored, can be associated with service plans that are sponsored in whole or in part by an entity other than the subscriber. Partially sponsored plans can be referred to as subsidized, though the term “sponsored” is intended to include subsidized plans unless otherwise indicated by context. Depending upon the implementation and/or configuration, sponsored plans may or may not be optional. For example, an employee of a company may have a sponsored service plan that is applicable when the employee accesses the company intranet, and the employee may or may not be able to decline the sponsorship. As another example, Facebook may subsidize network resource consumption when a subscriber accesses the Facebook website, and the subscriber may or may not be able to decline the subsidy.

In the examples provided in this paper, the fourth highest priority service class, paid, can be associated with service plans that a subscriber purchases. It is generally the case that a subscriber will be given the option to purchase a paid service plan through, e.g., an actionable service offer. (An actionable service offer is a notification that includes a feedback mechanism, such as an accept button, that a subscriber can select to accept the service offer.) Service offers can be triggered by predefined conditions, such as when a subscriber attempts to do something that a plan would help. (Service offers can also be triggered for sponsored services.)

In the examples provided in this paper, the fifth highest priority service class, parental control, can be associated with service plans that a subscriber purchases or modifies in accordance with an authentication process. Parental control plans can be associated with multi-(or single-) device plans for which a primary subscriber can set policy. Depending upon the implementation, different devices of a multi-device plan can also have different sponsored and paid plans.

In the examples provided in this paper, the sixth highest priority service class, market interceptor, can be associated with service plans that are offered to a subscriber before the subscriber drops to the bulk policy service class. Market interceptor plans can include service offers that are favorable to open access policy in some way.

In the examples provided in this paper, the seventh highest priority service class, open access or bulk, can be associated with a catch-all service plan.

In the examples provided in this paper, the eighth highest priority service class, post-bulk, can be associated with service plans that can be activated in the event no other service plan is applicable. In a specific implementation, post-bulk plans are designed to offer a subscriber a last chance to activate a service plan for something that the subscriber is trying to do, but is unable due to no service plan being available. If the subscriber responds appropriately to a notification, the subscriber may activate a service plan (e.g., a paid service plan) relevant to a present activity.

In the examples provided in this paper, the ninth highest priority service class, end-of-life, is typically associated with a notification that no service plan is available for a detected traffic event.

It is not necessary to utilize all service classes to take advantage of a service class hierarchy in specific implementations. It is also possible to move a class up or down relative to other classes in the hierarchy. For example, the network protection class could be given a priority below paid service class.

In the example of FIG. 6, the flowchart 600 continues to module 608 with setting a plan-level policy event associated with a network state. As was described previously, each service plan component can have a traffic control policy, a notification policy, and a charging policy. Policy events can also be set at the plan level. In a specific implementation, the filters and rules that were created when creating service plan components can be reused at the plan level, and if filters and rules are created when creating the service plan (not depicted), then those filters and rules can, be used at the service plan component level. In a specific implementation, the policy events can be associated with a network state. Network state can refer to current or historical parameters (e.g., congestion, previous number of failed attempts to authenticate on the network, time of day, geographic location, type of network, device is roaming, etc.) Policy events can also be set to be applicable for any (i.e., regardless of) network state.

In the example of FIG. 6, the flowchart 600 ends at module 612 with storing the service plan record in a service design system service plan datastore. Advantageously, the service plan can be used in multiple service plan catalogs without modification. Alternatively, the service plan record could be cloned for use in various service plan catalogs with or without modification. Where versioning is used, deployed service plans can either be automatically updated to new versions (with a possible grandfathering-in of subscribers to service plan components from prior versions), or the service plans can be wholly or partially templated such that new versions of the service plan do not impact deployed service plan offerings. Depending upon the implementation, a designer can go back to any module to edit parameters (e.g., after reviewing the service plan and determining that a parameter should be changed).

A service design engine can use a process, such as the example provided with reference to FIG. 4, to create subscriber groups. The service design engine can also use a process, such as the example provided with reference to FIG. 6, to create service plans. The subscriber groups and service plans can be implemented in service plan catalogs that are provided to access networks for automatic or selective implementation. FIG. 7 depicts a flowchart 700 of an example of a method for creating service plan catalogs from subscriber groups and service plans.

In the example of FIG. 7, the flowchart 700 starts at module 702 with creating a service plan catalog record. The service plan catalog record can include a plan catalog name, a plan catalog description, a plan catalog version, or the like. It may be noted that the service plan catalog record could instead be created after all or a portion of the information associated with the following modules has been provided.

In the example of FIG. 7, the flowchart 700 continues to module 704 with adding plans to the service plan catalog record. In a specific implementation, the plans are stored as records in a service design system service plans datastore. In a specific implementation, the plans are represented in a list, and a designer can drag plans from the list into a chosen plans list using a service design system UI. Plans can be designated as available upon activation (or not).

In the example of FIG. 7, the flowchart 700 continues to module 706 with hierarchically arranging the service plans in the service plan catalog record. The plans can be arranged by priority relative to one another, which results in a higher priority plan being displayed and/or used first. The plans can also be arranged within a service class relative to other plans in the service class. Service class can be statically assigned to the plans when they are created (or edited) or dynamically assigned during the creation of the service plan catalog. Priorities can be explicit based on a priority indicator, implicit based on a relative location of a plan in the list of plans, or indicated in some other manner. In a specific implementation, a service design system UI enables a designer to drag a plan up or down a list of plans within service classes to establish priority, which is indicated by a priority number that corresponds to the relative order of a plan within a service class.

In the example of FIG. 7, the flowchart 700 continues to module 708 with optionally arranging plans within tabs for display with a service plan catalog offering. Tabs can include categories such as games, social, productivity, media, free, paid, all, or the like. An association between a tab and a plan can be formed such that the plan will be displayed under the associated tab when the service plan catalog offering is displayed, e.g., on a subscriber device. A plan can be associated with multiple tabs, and displayed under the multiple tabs. The order of the tabs can be configured, as can the order of the plans within tabs. In this paper, the order of the plans within a tab is not related to the priority of a plan, e.g., within a service class, though such a correlation could be made in alternative implementations.

In the example of FIG. 7, the flowchart 700 continues to module 710 with adding subscriber groups to the service plan catalog record. In a specific implementation, the subscriber groups are represented in a list, and a designer can drag plans from the list into a chosen subscriber groups list using a service design system UI. Other methods of adding subscriber groups are anticipated, such as, e.g., by identifying subscriber groups in accordance with subscriber characteristics.

When a service plan catalog is published, the subscriber groups associated with service plans in the service plan catalog identify the subscribers, whether automatically or by selecting the plan, that will have the policies of the relevant service plan enforced on their devices. Depending upon the implementation, publication of a plan can be in beta, which generally means the subscribers to the plan can have the plan changed with or without notice, or deployed, which generally means that subscribers can expect changes to future versions of the plan will not impact them until they need to repurchase the (new version of) the plan.

In the example of FIG. 7, the flowchart 700 continues to module 712 with configuring upsell offers. Upsell offers have notification policy that is associated with network state, device state, or subscriber state. For example, if a subscriber uses a great deal of streaming media in a bulk plan, it may be desirable to offer a streaming media plan that, based upon their current or historical usage, will save the subscriber money. As another example, a subscriber who is in a city with a wireless Municipal Area Network (MAN) might receive upsell offers associated with a using the wireless MAN. As another example, a subscriber who frequently accesses Facebook can be offered a service plan that is sponsored by Facebook, thereby decreasing service costs as long as the access is associated with Facebook. As another example, a subscriber who frequently accesses a Facebook competitor could be offered a service plan that is sponsored by Facebook in an effort to draw the subscriber to Facebook (because it is cheaper). As another example, if a subscriber is indicated to have a language preference of Japanese, an upsell offer could target that demographic (e.g., by offering a sponsored service to access an application that is popular among Japanese speakers). As another example, a subscriber who has a particular device state (e.g., the subscriber record includes data that the subscriber uses an iPhone) can be targeted with an upsell offer that is popular with subscribers having such a device state.

Upsell offers can include a suite of all possible choices, or can be limited to offers that are more suitable to the specific historical usage of a particular subscriber. For example, if a subscriber typically consumes around 5 MB of data per unit of time, the system need not provide upsell offers for 10 MB, 100 MB, 1 GB, 10 GB, and 100 GB all at once (even though all might be offered), and instead send an upsell offer of 10 MB only (or, e.g., 10 MB and 100 MB). If usage for the subscriber increases, the subscriber can be notified regarding the larger-size service plans.

The upsell offer could alternatively be added to a service plan component, but in a specific implementation, it was deemed useful to modify upsell offers, even those that might be identified within a service plan component, at the service plan catalog level. In this way, standard upsell components of, e.g., a Facebook plan, can be modified with appropriate notification or other configurations for a given service plan catalog or for specific subscriber groups.

In the example of FIG. 7, the flowchart 700 ends at module 714 with setting LCP error policy. An LCP error occurs when a traffic event is not matched to an applicable service plan policy. Setting an LCP error for a service plan catalog enables the LCP error to be handled in an elegant fashion (e.g., by sending a notification to a subscriber that the traffic event can be handled in accordance with an inactive service plan, the notification including an option for the subscriber to activate the inactive service plan). The LCP error notification policy could alternatively be added to a service plan component, but in a specific implementation, it was deemed useful to enable LCP error policy settings at the service plan catalog level because the LCP error policy always comes at the end of attempts to match all active plans in a service plan catalog offering. This results in improved service plan design efficiency. Depending upon the implementation, a designer can go back to any module to edit parameters (e.g., after reviewing the service plan catalog and determining that a parameter should be changed).

FIG. 8 depicts an example of system 800 including an access network and a network service plan provisioning sandbox system. The system 800 includes an access network 802 and a network service plan provisioning system 804. The access network 802 is similar to that described with reference to FIG. 1.

In the example of FIG. 8, the network service plan provisioning system 804 includes a service design center 806 and a service design sandbox 808. Conceptually, the service design center 806 and the service design sandbox 808 share design and/or provisioning responsibilities. The service design center 806 and the service design sandbox 808 can be hierarchically organized. For example, the service design center 806 can delegate certain roles to the service design sandbox 808 and perhaps retains an oversight capability for agents of the service design center 806. For example, the service design sandbox 808 can be given the ability to impact policy control to a subset of subscriber groups of the network service plan provisioning system 804. The network service plan provisioning system 804 can be referred to as “distributed” in this example.

Some examples of entities that might desire to include the service design sandbox 808 in their networks include enterprises with employees that consume network services, MVNOs, application developers, gifters, and community-based organizations. In the case of enterprises with employees that consume network services, the service design sandbox 808 can enable fine-tuned control over traffic control and charging policy (as well as notification policy). Assume that XYZ company controls the service design sandbox 808. XYZ company can create a service plan specific to XYZ company network services on the XYZ company intranet, which will be referred to as the XYZ plan. Specifically, the XYZ company can sponsor the XYZ company network services on the XYZ company intranet for XYZ company employees. A paid plan offered by a carrier that controls the service design center 806, for example, can still be available for XYZ company employees that are using other network services (or XYZ company could partially sponsor a subset of the other network services). The XYZ plan could also include a component that prevents XYZ company employees from accessing certain restricted sites through the XYZ company intranet and has notification policy associated with the attempted access. Continuing the example, an agent (e.g., IT manager) of the XYZ company can define subscriber groups that comprise XYZ company members and assign different service plans (e.g., different traffic control, notification, or charging policies) to the different XYZ company subscriber groups. For example, employees could get limited usage, managers might get access to more usage and additional services (e.g., email), members of the sales team might get better roaming services, and a CEO might get everything in the carrier's service plan offering, perhaps with XYZ company as a sponsor for all services. Advantageously, split-billing is possible using these techniques, such that XYZ company can pay for sponsored services and XYZ employees can pay for unsponsored services (or for a portion of subsidized services).

In the case of MVNOs, an MVNO can purchase bulk data from a carrier and offer plans based on the bulk. Advantageously for MVNOs, the service design sandbox 808 enables control over subscribers based on, e.g., network state. Indeed, for all subscribers “owned” by the MVNO, a great deal of policy control can be applied (dependent upon the amount of control a carrier is willing to give to the MVNO). Other providers that can benefit from the sandbox model include mobile virtual network enablers (MVNEs), mobile shared spectrum enablers (MSSEs), and service providers (SPs).

In the case of application developers, the service design sandbox 808 can specify applications that can be covered by a service plan. The service design center 806 may or may not be responsible for creating the underlying control mechanism. For example, a company like amazon.com can be given some control over sponsorship settings for applications associated with amazon.com.

In the case of gifters, the service design sandbox 808 can enable specification of a sponsorship amount that is donated to some other organization, such as a non-profit organization. In the case of community-based organizations, the service design sandbox 808 can specify free access for a particular network service. For example, the San Francisco Giants organization could have a plan group for fans that grants free access to the official site of the San Francisco Giants. As another example, AAA could sponsor access to services for AAA members.

Agents of the network service plan provisioning system can be given roles that grant access to certain aspects of service design and/or provisioning. For example, agents at the service design center 806 can have a role system administrator, super user, or the like, while agents of the service design sandbox 808 can have roles such as enterprise IT manager, MVNO administrator, or the like. Agents of the service design sandbox 808 can subdivide roles further, if applicable, depending upon implementation.

FIG. 9 depicts a conceptual diagram 900 of an example of a service design system sandbox implementation. The conceptual diagram 900 includes a carrier network 902, existing network, IT, and billing infrastructure 904 (referred to as infrastructure 904), the Internet 906, a service processor 908, a service controller 910, an operator service design center (SDC) 912, and a partner SDC sandbox 914. In the example of FIG. 9, the carrier network is coupled to the Internet 906 via the infrastructure 904.

The service processor 908 can be implemented on a client device on the carrier network 902. In a specific implementation, the service processor 908 includes a service control device link. For example, as device based service control techniques involving supervision across a network become more sophisticated, it becomes increasingly important to have an efficient and flexible control plane communication link between the device agents and the network elements communicating with, controlling, monitoring, or verifying service policy. In some embodiments, the service control device link provides the device side of a system for transmission and reception of service agent to/from network element functions. In some embodiments, the traffic efficiency of this link is enhanced by buffering and framing multiple agent messages in the transmissions. In some embodiments, the traffic efficiency is further improved by controlling the transmission frequency or linking the transmission frequency to the rate of service usage or traffic usage. In some embodiments, one or more levels of security or encryption are used to make the link robust to discovery, eavesdropping or compromise. In some embodiments, the service control device link also provides the communications link and heartbeat timing for the agent heartbeat function. The service control device link can provide an efficient and secure solution for transmitting and receiving service policy implementation, control, monitoring and verification information with other network elements.

In a specific implementation, a client dashboard is presented in a display device by the service processor 908. The client dashboard can include the following menus: services (purchased, data usage), statistics (applications consuming data, data used in absolute terms or as a %), buy (navigates subscriber through activation, enrollment, plan selection, and purchase workflows), help, and settings (preferences, e.g., language).

The service controller 910 can be implemented, e.g., in the cloud, and is coupled to the infrastructure 904.

The operator SDC 912 is on the Internet, and is coupled to the service controller. The operator SDC 912 can set up boundaries for “sandboxed” service and allow customizations for partner sets; lock in master tariffs based on negotiated rates for a given partner set or individual partner; create custom log-ins for different partner sets or individual partners; and carry out any applicable techniques appropriate for a service design system. The operator SDC 912 allows authorized agents to manage service plan components and subscribers. The agents can manage groups (collections of subscribers, SIMs, or devices) to create groups and group directories, assign an identity hierarchy for the operator, associated identifiers with groups, etc. The agents can manage service plans (including one or more components) including plan name and description, groups using the plan, service plan components, service activities, network busy states and connection types, charging policies (including usage limits, thresholds, frequency, time, and payment type), notifications (e.g., for plan usage thresholds, plan cap, expiration, block, overage, no capable plan, etc.), and events (e.g., for plan usage thresholds, plan cap, expiration, block, overage, etc.). The agents can manage service components (logical grouping of one or more filters and rules), including component name and description, plans using the component, network busy states and connection types, charging policies (including usage limits, thresholds, frequency, time and payment type), notifications (e.g., for plan usage thresholds, plan cap, expiration, block, overage, no capable plan, etc.), and events (e.g., for plan usage thresholds, plan cap, expiration, block, overage, etc.). The agents can manage service activities (e.g., activity name, plans using the activity, components using the activity, filter name and description, and filter type details (e.g., operating system, application, remote, port, protocol, etc.). The agents can manage service group plans including assign and publish plan group, create activation workflow screens, create buy workflow screens. The agents can receive, manage, customize, or generate reports for, for example, usage reports by destination for a subscriber over a period of time, usage reports by destination for a range of subscribers over a period of time (top destinations).

The partner SDC sandbox 914 is coupled to the operator SDC 912 in an applicable convenient fashion. The partner SDC sandbox 914 can provide a secure login environment in which a subset of SDC service management controls can be designed and/or used; enable selection from bounded service customization options for one or more device groups under management; customize device UI branding; access real time analytics for service usage, application usage, location, etc.; set up service usage alerts, fraud alerts, theft alerts, etc.; and carry out any applicable techniques appropriate for a service design system that have been delegated to the sandboxed environment.

The service controller 910 includes a service control server link. In some a specific implementation, device based service control techniques involving supervision across a network (e.g., on the control plane) are more sophisticated, and for such it is increasingly important to have an efficient and flexible control plane communication link between the device agents (e.g., of the service processor 908) and the network elements (e.g., of the service controller 910) communicating with, controlling, monitoring, or verifying service policy. For example, the communication link between the service control server link of service controller 910 and the service control device link of the service processor 910 can provide an efficient and flexible control plane communication link, a service control link; in some embodiments, this control plane communication link provides for a secure (e.g., encrypted) communications link for providing secure, bidirectional communications between the service processor 908 and the service controller 910. In some embodiments, the service control server link provides the network side of a system for transmission and reception of service agent to/from network element functions. In some embodiments, the traffic efficiency of this link is enhanced by buffering and framing multiple agent messages in the transmissions (e.g., thereby reducing network chatter). In some embodiments, the traffic efficiency is further improved by controlling the transmission frequency and/or linking the transmission frequency to the rate of service usage or traffic usage. In some embodiments, one or more levels of security and/or encryption are used to secure the link against potential discovery, eavesdropping or compromise of communications on the link. In some embodiments, the service control server link also provides the communications link and heartbeat timing for the agent heartbeat function. In some embodiments, the service control server link provides for securing, signing, encrypting and/or otherwise protecting the communications before sending such communications over the service control link. For example, the service control server link can send to the transport layer or directly to the link layer for transmission. In another example, the service control server link further secures the communications with transport layer encryption, such as TCP TLS or another secure transport layer protocol. As another example, the service control server link can encrypt at the link layer, such as using IPSEC, various possible VPN services, other forms of IP layer encryption and/or another link layer encryption technique.

In a specific implementation, the service controller 910 can include an access control integrity server (e.g., service policy security server). In some embodiments, the access control integrity server collects device information on service policy, service usage, agent configuration, and/or agent behavior. For example, the access control integrity server can cross check this information to identify integrity breaches in the service policy implementation and control system. In another example, the access control integrity server can initiate action when a service policy violation (e.g., QoS policy violation and/or a network capacity controlled services policy violation) or a system integrity breach is suspected.

In a specific implementation, an agent of the service controller 910 (and/or some other agent of the access control integrity server) acts on access control integrity agent (e.g., service policy security agent) reports and error conditions. Many of the access control integrity agent checks can be accomplished by the server. For example, the access control integrity agent checks include one or more of the following: service usage measure against usage range consistent with policies (e.g., usage measure from the network and/or from the device); configuration of agents; operation of the agents; and/or dynamic agent download.

In a specific implementation, an agent of the service controller 910 (and/or some other agent of the access control integrity server) verifies device service policy implementations by comparing various service usage measures (e.g., based on network monitored information, such as by using IPDRs or CDRs, and/or local service usage monitoring information) against expected service usage behavior given the policies that are intended to be in place (e.g., a QoS policy and/or a network capacity controlled services policy). For example, device service policy implementations can include measuring total QoS data passed, QoS data passed in a period of time, IP addresses, data per IP address, and/or other measures such as location, downloads, email accessed, URLs, and comparing such measures expected service usage behavior given the policies that are intended to be in place.

In a specific implementation, an agent of the service controller 910 (and/or some other agent of the access control integrity server) verifies device service policy, and the verification error conditions that can indicate a mismatch in QoS service measure and QoS service policy include one or more of the following: unauthorized network access (e.g., access beyond ambient service policy limits); unauthorized network speed (e.g., average speed beyond service policy limit); network data amount does not match QoS policy limit (e.g., device not stop at limit without re-up/revising service policy); unauthorized network address; unauthorized service usage (e.g., VOIP, email, and/or web browsing); unauthorized application usage (e.g., email, VOIP, email, and/or web); service usage rate too high for plan, and policy controller not controlling/throttling it down; and/or any other mismatch in service measure and service policy. Accordingly, in some embodiments, an agent of the service controller 910 (and/or some other agent of the access control integrity server) provides a policy/service control integrity service to continually (e.g., periodically and/or based on trigger events) verify that the service control of the device has not been compromised and/or is not behaving out of policy (e.g., a QoS policy and/or a network capacity controlled services policy).

In a specific implementation, the service controller 910 includes a service history server (e.g., charging server). In some embodiments, the service history server collects and records service usage or service activity reports from, e.g., an access network AAA server and/or a service monitor agent of the service controller 910. For example, although service usage history from the network elements can in certain embodiments be less detailed than service history from the device, the service history from the network can provide a valuable source for verification of device service policy implementation, because, for example, it is extremely difficult for a device error or compromise event on the device to compromise the network based equipment and software. For example, service history reports from the device can include various service tracking information, as similarly described above. In some embodiments, the service history server provides the service history on request to other agents of the service controller 910, other servers, and/or one or more other agents. In some embodiments, the service history server provides the service usage history to the device service history (e.g., CDR feed and CDR mediation). In some embodiments, for purposes of facilitating the activation tracking service functions (described below), the service history server maintains a history of which networks the device has connected to. For example, this network activity summary can include a summary of the networks accessed, activity versus time per connection, and/or traffic versus time per connection. As another example, this activity summary can further be analyzed or reported to estimate the type of service plan associated with the traffic activity for the purpose of bill sharing reconciliation.

In a specific implementation, the service controller 910 includes a policy management server (e.g., policy decision point (PDP) server) for managing service usage policies, such as QoS policies and/or a network capacity controlled services policies. In some embodiments, the policy management server transmits policies to the service processor 908 via the service control link. In some embodiments, the policy management server manages policy settings on the device (e.g., various policy settings as described herein with respect to various embodiments) in accordance with a device service profile. In some embodiments, the policy management server sets instantaneous policies on policy implementation agents (e.g., policy implementation agent). For example, the policy management server can issue policy settings, monitor service usage and, if necessary, modify policy settings. For example, in the case of a user who prefers for the network to manage their service usage costs, or in the case of any adaptive policy management needs, the policy management server can maintain a relatively high frequency of communication with the device to collect traffic and/or service measures and issue new policy settings. In this example, device monitored service measures and any user service policy preference changes are reported, periodically and/or based on various triggers/events/requests, to the policy management server. In this example, user privacy settings generally require secure communication with the network (e.g., a secure service control link), such as with the policy management server, to ensure that various aspects of user privacy are properly maintained during such configuration requests/policy settings transmitted over the network. For example, information can be compartmentalized to service policy management and not communicated to other databases used for CRM for maintaining user privacy.

In some embodiments, the policy management server provides adaptive policy management on the device. For example, the policy management server can issue policy settings and objectives and rely on the device based policy management (e.g., service processor 908) for some or all of the policy adaptation. This approach can require less interaction with the device thereby reducing network chatter on the service control link for purposes of device policy management (e.g., network chatter is reduced relative to various server/network based policy management approaches described above). This approach can also provide robust user privacy embodiments by allowing the user to configure the device policy for user privacy preferences/settings so that, for example, sensitive information (e.g., geo-location data, website history, and/or other sensitive information) is not communicated to the network without the user's approval. In some embodiments, the policy management server adjusts service policy based on time of day. In some embodiments, the policy management server receives, requests, and/or otherwise obtains a measure of network availability/capacity and adjusts traffic shaping policy and/or other policy settings based on available network availability/capacity (e.g., a network busy state).

In a specific implementation, the service controller 910 includes a network traffic analysis server. In some embodiments, the network traffic analysis server collects/receives service usage history for devices and/or groups of devices and analyzes the service usage. In some embodiments, the network traffic analysis server presents service usage statistics in various formats to identify improvements in network service quality and/or service profitability. In some embodiments, the network traffic analysis server estimates the service quality and/or service usage for the network under variable settings on potential service policies. In some embodiments, the network traffic analysis server identifies actual or potential service behaviors by one or more devices that are causing problems for overall network service quality or service cost. In some embodiments, the network traffic analysis server estimates the network availability/capacity for the network under variable settings on potential service policies. In some embodiments, the network traffic analysis server identifies actual or potential service behaviors by one or more devices that are impacting and/or causing problems for overall network availability/capacity.

In a specific implementation, the service controller 910 includes a beta test server (e.g., policy creation point and beta test server). In some embodiments, the beta test server publishes candidate service plan policy settings to one or more devices. In some embodiments, the beta test server provides summary reports of network service usage or user feedback information for one or more candidate service plan policy settings. In some embodiments, the beta test server provides a mechanism to compare the beta test results for different candidate service plan policy settings or select the optimum candidates for further policy settings optimization, such as for protecting network capacity.

In a specific implementation, the service controller 910 includes a service download control server (e.g., a service software download control server). In some embodiments, the service download control server provides a download function to install and/or update service software elements (e.g., the service processor 908 and/or agents/components of the service processor 908) on the device, as described herein.

In a specific implementation, the service controller 910 includes a billing event server (e.g., micro-CDR server). In some embodiments, the billing event server collects billing events, provides service plan information to the service processor 908, provides service usage updates to the service processor 908, serves as interface between device and central billing server, and/or provides trusted third party function for certain ecommerce billing transactions.

In a specific implementation, the service processor 908 provides an additional layer of access control. For example, an access network AAA server can provide necessary access network AAA services (e.g., access control and authorization functions for the device access layer) to allow the devices onto the central provider access network and the service provider network. In some embodiments, another layer of access control is required for the device to gain access to other networks, such as the Internet, a corporate network and/or a machine to machine network. In some embodiments, the Access Network AAA server also provides the ability to suspend service for a device and resume service for a device based on communications received from the service controller 910. In some embodiments, the Access Network AAA server also provides the ability to direct routing for device traffic to a quarantine network or to restrict or limit network access when a device quarantine condition is invoked. In some embodiments, the Access Network AAA server also records and reports device network service usage.

In some embodiments, different profiles are selected based on the selected network connection (e.g., different service profiles/policies for WWAN, WLAN, WPAN, Ethernet and/or DSL network connections), which can be referred to as multimode profile setting. For example, service profile settings can be based on the actual access network (e.g., home DSL/cable or work network) behind the Wi-Fi not the fact that it is Wi-Fi (e.g., or any other network, such as DSL/cable, satellite, or T-1), which is viewed as different than accessing a Wi-Fi network at the coffee shop. For example, in a Wi-Fi hotspot situation in which there are a significant number of users on a DSL or T-1 backhaul, the service controller can sit in a service provider cloud or an MVNO cloud, the service controls can be provided by a VSP capability offered by the service provider or the service controller 910 can be owned by the hotspot service provider that uses the service controller 910 on their own without any association with an access network service provider. For example, the service processor 908 can be controlled by the service controller 910 to divide up the available bandwidth at the hotspot according to QoS or user sharing rules (e.g., with some users having higher differentiated priority (e.g., potentially for higher service payments) than other users). As another example, ambient services (e.g., as similarly described herein) can be provided for the hotspot for verified service processors.

In some embodiments, the service processor 908 and service controller 910 are capable of assigning multiple service profiles associated with multiple service plans that the user chooses individually or in combination as a package. For example, a device starts with ambient services that include free transaction services wherein the user pays for transactions or events rather than the basic service (e.g., a news service, eReader, PND service, pay as you go session Internet) in which each service is supported with a bill by account capability to correctly account for any subsidized partner billing to provide the transaction services (e.g., Barnes and Noble may pay for the eReader service and offer a revenue share to the service provider for any book or magazine transactions purchased from the device). In some embodiments, the bill by account service can also track the transactions and, in some embodiments, advertisements for the purpose of revenue sharing, all using the service monitoring capabilities disclosed herein. After initiating services with the free ambient service discussed above, the user may later choose a post-pay monthly Internet, email, and SMS service. In this case, the service controller 910 would obtain from the billing system in the case of network based billing (e.g., or the service controller 910 billing event server in the case of device based billing) the billing plan code for the new Internet, email and SMS service. In some embodiments, this code is cross referenced in a database (e.g., the policy management server) to find the appropriate service profile for the new service in combination with the initial ambient service. The new superset service profile is then applied so that the user maintains free access to the ambient services, and the billing partners continue to subsidize those services, the user also gets access to Internet services and may choose the service control profile (e.g., from one of the embodiments disclosed herein). The superset profile is the profile that provides the combined capabilities of two or more service profiles when the profiles are applied to the same device service processor. In some embodiments, the service processor 908 can determine the superset profile rather than the service controller 910 when more than one “stackable” service is selected by the user or otherwise applied to the device. The flexibility of the service processor 908 and service controller 910 embodiments described herein allow for a large variety of service profiles to be defined and applied individually or as a superset to achieve the desired device service features.

In some embodiments, device assisted services (DAS) techniques for providing an activity map for classifying or categorizing service usage activities to associate various monitored activities (e.g., by URL, by network domain, by website, by network traffic type, by application or application type, and/or any other service usage activity categorization/classification) with associated IP addresses are provided. In some embodiments, a policy control agent, service monitor agent (e.g., charging agent), or another agent or function (or combinations thereof) of the service processor 908 provides a DAS activity map. In some embodiments, a policy control agent, service monitor agent, or another agent or function (or combinations thereof) of the service processor provides an activity map for classifying or categorizing service usage activities to associate various monitored activities (e.g., by Uniform Resource Locator (URL), by network domain, by website, by network traffic type, by socket (such as by IP address, protocol, and/or port), by socket id (such as port address/number), by port number, by content type, by application or application type, and/or any other service usage activity classification/categorization) with associated IP addresses and/or other criteria/measures. In some embodiments, a policy control agent, service monitor agent, or another agent or function (or combinations thereof) of the service processor determines the associated IP addresses for monitored service usage activities using various techniques to snoop the DNS request(s) (e.g., by performing such snooping techniques on the device 100 the associated IP addresses can be determined without the need for a network request for a reverse DNS lookup). In some embodiments, a policy control agent, service monitor agent, or another agent or function (or combinations thereof) of the service processor records and reports IP addresses or includes a DNS lookup function to report IP addresses or IP addresses and associated URLs for monitored service usage activities. For example, a policy control agent, service monitor agent, or another agent or function (or combinations thereof) of the service processor can determine the associated IP addresses for monitored service usage activities using various techniques to perform a DNS lookup function (e.g., using a local DNS cache on the monitored device). In some embodiments, one or more of these techniques are used to dynamically build and maintain a DAS activity map that maps, for example, URLs to IP addresses, applications to IP addresses, content types to IP addresses, and/or any other categorization/classification to IP addresses as applicable. In some embodiments, the DAS activity map is used for various DAS traffic control and/or throttling techniques as described herein with respect to various embodiments for providing QoS for DAS and/or for providing DAS for protecting network capacity. In some embodiments, the DAS activity map is used to provide the user various UI related information and notification techniques related to service usage as described herein with respect to various embodiments. In some embodiments, the DAS activity map is used to provide service usage monitoring, prediction/estimation of future service usage, service usage billing (e.g., bill by account and/or any other service usage/billing categorization techniques), DAS techniques for ambient services usage monitoring, DAS techniques for generating micro-CDRs, and/or any of the various other DAS related techniques as described herein with respect to various embodiments.

FIG. 10 depicts a conceptual diagram 1000 of an example of a service design system sandbox implementation. The components of FIG. 10 are similar to those depicted in FIG. 9. FIG. 10 is intended to illustrate that various sandboxes can be created for a variety of purposes. In the example of FIG. 10, the sandboxes 1014 include sponsored apps & websites sandboxes 1014-1, enterprise IT manager sandboxes 1014-2, machine-to-machine (M2M) & virtual service provider (VSP) (MVNO) partner sandboxes 1014-3, device OEM & media provider sandboxes 1014-4, parental control & multi-device sandboxes 1014-5, etc. A common service controller cloud service software implemented at the service controller 1010 and server processor device client software implemented at the service processor 1008 allows operators and partners to scale customized user experiences and service plan policies.

In some embodiments, a network service usage control policy is dynamic based on one or more of the following: a network busy state, a time of day, which network the service activity is connected to, which base station or communication channel the service activity is connected to, a user input, a user preference selection, an associated service plan, a service plan change, an application behavior, a messaging layer behavior, random back off, a power state of device, a device usage state, a time based criteria (e.g., time/day/week/month, hold/delay/defer for future time slot, hold/delay/defer for scheduled time slot, and/or hold/delay/defer until a busy state/availability state/QoS state is achieved), monitoring of user interaction with the service activity, monitoring of user interaction with the device, the state of UI priority for the service activity, monitoring the power consumption behavior of the service activity, modem power cycling or power control state changes, modem communication session set up or tear down, and/or a policy update/modification/change from the network. In some embodiments, the network service usage control policy is based on updated service usage behavior analysis of the network service usage activity. In some embodiments, the network service usage control policy is based on updated activity behavior response to a network capacity controlled service classification. In some embodiments, the network service usage control policy is based on updated user input/preferences (e.g., related to policies/controls for network capacity controlled services). In some embodiments, the network service usage control policy is based on updates to service plan status. In some embodiments, the network service usage control policy is based on updates to service plan policies. In some embodiments, the network service usage control policy is based on availability of alternative networks. In some embodiments, the network service usage control policy is based on policy rules for selecting alternative networks. In some embodiments, the network service usage control policy is based on network busy state or availability state for alternative networks. In some embodiments, the network service usage control policy is based on specific network selection or preference policies for a given network service activity or set of network service activities.

In some embodiments, associating the network service usage activity with a network service usage control policy or a network service usage notification policy, includes dynamically associating based on one or more of the following: a network busy state, a time of day, a user input/preference, an associated service plan (e.g., 25 MB data plan, 5G data plan, or an unlimited data plan or other data/service usage plan), an application behavior, a messaging layer behavior, a power state of device, a device usage state, a time based criteria, availability of alternative networks, and a set of policy rules for selecting and/or controlling traffic on one or more of the alternative networks.

In some embodiments, a network service usage control policy (e.g., a network capacity controlled services policy) includes defining the network service usage control policy for one or more service plans, defining network access policy rules for one or more devices or groups of devices in a single or multi-user scenarios such as family and enterprise plans, defining network access policy rules for one or more users or groups of users, allowing or disallowing network access events or attempts, modulating the number of network access events or attempts, aggregating network access events or attempts into a group of access events or attempts, time windowing network access events or attempts, time windowing network access events or attempts based on the application or function being served by the network access events or attempts, time windowing network access events or attempts to pre-determined time windows, time windowing network access events or attempts to time windows where a measure of network busy state is within a range, assigning the allowable types of access events or attempts, assigning the allowable functions or applications that are allowed network access events or attempts, assigning the priority of one or more network access events or attempts, defining the allowable duration of network access events or attempts, defining the allowable speed of network access events or attempts, defining the allowable network destinations for network access events or attempts, defining the allowable applications for network access events or attempts, defining the QoS rules for one or more network access events or attempts, defining or setting access policy rules for one or more applications, defining or setting access policy rules for one or more network destinations, defining or setting access policy rules for one or more devices, defining or setting access policy rules for one or more network services, defining or setting access policy rules for one or more traffic types, defining or setting access policy rules for one or more QoS classes, and defining or setting access policy rules based on any combination of device, application, network destination, network service, traffic type, QoS class, and/or other criteria/measures.

In some embodiments, a network service usage control policy (e.g., a network capacity controlled services policy) includes a traffic control policy. In some embodiments, the traffic control policy includes a traffic control setting. In some embodiments, the traffic control policy includes a traffic control/tier, and the traffic control/tier includes the traffic control setting. In some embodiments, the traffic control policy includes one or more of the following: block/allow settings, throttle settings, adaptive throttle settings, QoS class settings including packet error rate, jitter and delay settings, queue settings, and tag settings (e.g., for packet tagging certain traffic flows). In some embodiments, QoS class settings, include one or more of the following: throttle level, priority queuing relative to other device traffic, time window parameters, and hold or delay while accumulating or aggregating traffic into a larger stream/burst/packet/group of packets. In some embodiments, the traffic control policy includes filters implemented as indexes into different lists of policy settings (e.g., using cascade filtering techniques), in which the policy filters include one or more of the following: a network, a service plan, an application, a time of day, and a network busy state. For example, a two dimensional traffic control implementation scheme can be provided using a network busy state and/or a time of day as an index into a traffic control setting (e.g., a certain application's priority level can be increased or decreased based on a network busy state and/or time of day). In some embodiments, the traffic control policy is used for selecting the network from a list of available networks, blocking or reducing access until a connection is made to an alternative network, and/or modifying or replacing a network stack interface of the device to provide for intercept or discontinuance of network socket interface messages to applications or OS functions.

In some embodiments, a traffic control setting is selected based on the network service usage control policy. In some embodiments, the traffic control setting is implemented on the device based on the network service usage control policy. In some embodiments, the implemented traffic control setting controls traffic/traffic flows of a network capacity controlled service. In some embodiments, the traffic control setting is selected based on one or more of the following: a time of day, a day of week, a special time/date (e.g., a holiday or a network maintenance time/date), a network busy state, a priority level associated with the network service usage activity, a QoS class associated with the network service usage activity (e.g., emergency traffic), which network the network service activity is gaining access from, which networks are available, which network the network service activity is connected to, which base station or communication channel the network service activity is connected to, and a network dependent set of traffic control policies that can vary depending on which network the service activity is gaining access from (e.g., and/or various other criteria/measures as described herein). In some embodiments, the traffic control setting includes one or more of the following: allow/block, delay, throttle, QoS class implementation, queue, tag, generate a user notification, random back off, clear to send received from a network element, hold for scheduled transmission time slot, selecting the network from the available networks, and blocking or reducing access until a connection is made to an alternative network. In some embodiments, the traffic control setting is selected based on a network capacity controlled services priority state of the network service usage activity and a network busy state. In some embodiments, the traffic control setting is selected based on a network capacity controlled services priority state of the network service usage activity and a network busy state and is global (e.g., the same) for all network capacity controlled services activities or varies based on a network service usage activity priority, user preferences or option selection, an application, a time based criteria, a service plan, a network the device or service activity is gaining access from, a redetermination of a network congestion state after adapting to a previously determined network busy state, and/or other criteria/measures as described herein.

In some embodiments, network capacity controlled services traffic (e.g., traffic flows) is differentially controlled for protecting network capacity. For example, various software updates for an OS and one or more applications on the device can be differentially controlled using the various techniques described herein. As another example, security/antimalware software (e.g., antivirus, firewall, content protection, intrusion detection/prevention, and/or other security/antimalware software) can be differentially controlled using the various techniques described herein. As yet another example, network backups/imaging, content downloads (e.g., exceeding a threshold individually and/or in aggregate, such as for image, music, video, eBook content, email attachments, content/media subscriptions, RSS/news feeds, text/image/video chat, software updates, and/or other content downloads) can be differentially controlled using the various techniques described herein.

For example, using the DAS for protecting network capacity techniques described herein an adaptive policy control for protecting network capacity can be provided. A network capacity controlled services list can be generated, updated, reported, and/or received by the device and stored on the device (e.g., the list can be based on adapted to the service plan associated with the device). If a monitored network service usage activity is not on the list, then the device can report the monitored network service usage activity to a network element (e.g., for a monitored network service usage activity that also exceeds a certain threshold, based on a network busy state, based on a time based criteria, and/or other criteria/measure). As an example, monitored network service usage activity can be reported if/when the monitored network service usage activity exceeds a data usage threshold (e.g., 50 MB total data usage per day, a socket opening frequency/rate, velocity of data usage at an instant in time, or more complicated thresholds over time, over peak periods, by content and time, by various other parameters/thresholds). As another example, the monitored network service usage activity can be reported based on testing of the network service usage behavior and/or application developer characterization input. The report can include information that identifies the network service usage activity and various network service usage parameters.

In some embodiments, a notification setting is selected based on a service usage notification policy. In some embodiments, a notification setting includes a user notification setting (e.g., various user notifications settings as described above with respect to FIG. 18).

In some embodiments, classifying the network service usage activity further includes classifying the network service usage activity (e.g., using a usage threshold filter and/or cascading filter techniques) into one or more of a plurality of classification categories for differential network access control for protecting network capacity. In some embodiments, classifying the network service usage activity, further includes classifying the network service usage activity into one or more network capacity controlled services in which the network capacity controlled services include one or more of the following: applications requiring data network access, application software updates, applications requiring network information, applications requiring GPS or physical location, operating system software updates, security software updates, network based backups, email downloads, and a set of activities configured as network capacity controlled service activities based on a service profile and/or user input (e.g., and/or various other types of network service usage activities as described herein and as will now be apparent to one of ordinary skill in the art). For example, network capacity controlled services can include software updates for OS and applications, OS background network accesses, cloud synchronization services, RSS feeds & other background information feeds, browser/application/device behavior reporting, background email downloads, content subscription service updates and downloads (e.g., music/video downloads, news feeds), text/voice/video chat clients, security updates (e.g., antimalware updates), peer to peer networking application updates, inefficient network access sequences during frequent power cycling or power save state cycling, large downloads or other high bandwidth accesses, and greedy application programs that constantly/repeatedly access the network with small transmissions or requests for information. In some embodiments, a network capacity controlled services list is static, adaptive, generated using a service processor, received from a network element (e.g., service controller or service cloud), received from a network element (e.g., service controller or service cloud) and based at least in part on device activity reports received from the service processor, based on criteria set by pre-testing, report of behavior characterization performed by the application developer, and/or based at least in part on user input. In some embodiments, the network capacity controlled services list includes one or more network service activity background (QoS) classes.

In some embodiments, classifying the network service usage activity further includes classifying the network service usage activity based on one or more of the following: application or widget (e.g., Outlook, Skype, iTunes, Android email, weather channel weather widget, iCal, Firefox Browser, etc), application type (e.g., user application, system application/utility/function/process, OS application/utility/function/process, email, browser, widget, malware (such as a virus or suspicious process), RSS feed, device synchronization service, download application, network backup/imaging application, voice/video chat, peer to peer content application or other peer to peer application, streaming media feed or broadcast reception/transmission application, network meeting application, chat application or session, and/or any other application or process identification and categorization), OS/system function (e.g., any system application/utility/function/process and/or OS application/utility/function/process, such as a OS update and/or OS error reporting), modem function, network communication function (e.g., network discovery or signaling, EtherType messages, connection flow/stream/session set up or tear down, network authentication or authorization sequences, IP address acquisition, and DNS services), URL and/or domain, destination/source IP address, protocol, traffic type, socket (e.g., IP address, protocol, and/or port), socket address/label/identifier (e.g., port address/port number), content type (e.g., email downloads, email text, video, music, eBooks, widget update streams, and download streams), port (e.g., port number), QoS classification level, time of day, on peak or off peak, network time, network busy state, access network selected, service plan selected, user preferences, device credentials, user credentials, and/or status, modem power cycling or power state changes, modem authentication processes, modem link set up or tear down, modem management communications, modem software or firmware updates, modem power management information, device power state, and modem power state. In some embodiments, classifying the network service usage activity further includes associating the classified network service usage activity with an ID (e.g., an application ID, which can be, for example, a unique number, name, and/or signature). In some embodiments, classifying the network service usage activity further includes classifying the network service usage activity using a plurality of classification parameters, including one or more of the following: application ID, remote IP (e.g., URL, domain, and/or IP address), remote port, protocol, content type, a filter action class (e.g., network busy state class, QoS class, time of day, network busy state, and/or other criteria/measures), and access network selected. In some embodiments, classifying the network service usage activity further includes using a combination of parameters as discussed above to determine the classification of the network service usage activity.

In some embodiments, classifying the network service usage activity further includes classifying the network service usage activity as a network capacity controlled service, a non-network capacity controlled service, a blocked or disallowed service, and/or a not yet classified/identified service (e.g., unknown/yet to be determined classification or pending classification). In some embodiments, an application connection, OS connection, and/or other service activity is classified as a network capacity controlled service activity when the device has been inactive (e.g., or in a power save state) for a period of time (e.g., when the user has not interacted with it for a period of time, when it has not displayed user notification policy, and/or a user input has not been received for a period of time, and/or when a power save state is entered). In some embodiments, an application connection, OS connection, and/or other service activity is classified as a network capacity controlled service activity when the monitored network service usage activity exceeds a data usage threshold for more than one application connection, OS connection, and/or other service activity (e.g., aggregated data usage exceeds the data usage threshold); or for a specific application connection. In some embodiments, an application connection, OS connection, and/or other service activity is classified as a network capacity controlled service activity when the monitored network service usage activity exceeds a data usage threshold based on a predetermined list of one or more data usage limits, based on a list received from a network element, usage time limit (e.g., based on a period of time exceeding a usage limit), and/or based on some other usage related criteria/measures. In some embodiments, classifying the network service usage activity further includes classifying the network service usage activity as a network capacity controlled service based on a network peak time, a network busy state, or a network connection to the device falls below a certain performance level (e.g., higher/lower priorities assigned based on various such criteria/other input/factors).

In some embodiments, one or more of the network capacity controlled services are associated with a different network access policy set for one or more networks and/or one or more alternative networks. In some embodiments, one or more of the network capacity controlled services are associated with a different notification policy set for one or more networks and/or one or more alternative networks. In some embodiments, the network capacity controlled services list is stored on the device. In some embodiments, the network capacity controlled services list is received/periodically updated from a network element and stored on the device. In some embodiments, the network capacity controlled services list includes network capacity controlled services, non-network capacity controlled services (e.g., foreground services or services based on various possibly dynamic criteria are not classified as network capacity controlled services), and an unclassified set of services (e.g., grey list including one or more network service activities pending classification based on further analysis and/or input, such as from a network element, service provider, and/or user). In some embodiments, the network capacity controlled services list is based on one or more of the following: predefined/predesignated (e.g., network, service plan, pre-test and/or characterized by an application developer) criteria; device assisted/based monitoring (e.g., using a service processor); network based monitoring (e.g., using a DPI gateway); network assisted analysis (e.g., based on device reports of DAS activity analysis). For example, the device can report device monitored network service usage activities (e.g., all monitored network service usage activities or a subset based on configuration, threshold, service plan, network, and/or user input) to the network element. As another example, the network element can update the network capacity controlled services list and send the updated list to the device. As yet another example, the network element can perform a statistical analysis of network service activities across a plurality of devices based on the device based and/or network based network service usage activity monitoring/reporting. In some embodiments, a network service usage activity is determined to be an active application or process (e.g., based on a user interaction with the device and/or network service usage activity, such as a pop-up and/or other criteria/measures).

In some embodiments, implementing traffic control for network capacity controlled services is provided using various techniques. In some embodiments, the device includes a service processor agent or function to intercept, block, modify, remove or replace UI messages, notifications or other UI communications generated by a network service activity that whose network service usage is being controlled or managed (e.g., using various measurement points). For example, this technique can be used to provide for an improved user experience (e.g., to prevent an application that is being controlled for protecting network capacity from generating repeated and/or confusing messages/alerts to the user). In some embodiments, a network stack interface of the device is replaced or modified to provide for intercept or discontinuance of network socket interface messages to applications or OS functions or other functions/software.

In some embodiments, implementing traffic control for network capacity controlled services using DAS techniques is provided using various techniques in which the network service usage activity is unaware of network capacity control (e.g., does not support an API or other interface for implementing network capacity control). For example, network service application messaging interface based techniques can be used to implement traffic control. Example network service application messaging interfaces include the following: network stack API, network communication stream/flow interface, network stack API messages, EtherType messages, ARP messages, and/or other messaging or other or similar techniques as will now be apparent to one of ordinary skill in the art in view of the various embodiments described herein. In some embodiments, network service usage activity control policies or network service activity messages are selected based on the set of traffic control policies or service activity messages that result in reduced or modified user notification by the service activity due to network capacity controlled service policies applied to the network service activity. In some embodiments, network service usage activity control policies or network service activity messages are selected based on the set of traffic control policies or service activity messages that result in reduced disruption of device operation due to network capacity controlled service activity policies applied to the network service activity. In some embodiments, network service usage activity control policies or network service activity messages are selected based on the set of traffic control policies or service activity messages that result in reduced disruption of network service activity operation due to network capacity controlled service activity policies applied to the network service activity. In some embodiments, implementing traffic control for network capacity controlled services is provided by intercepting opens/connects/writes. In some embodiments, implementing traffic control for network capacity controlled services is provided by intercepting stack API level or application messaging layer requests (e.g., socket open/send requests). For example, an intercepted request can be copied (e.g., to memory) and queued (e.g., delayed or throttled) or dropped (e.g., blocked). As another example, an intercepted request can be copied into memory and then a portion of the transmission can be retrieved from memory and reinjected (e.g., throttled). As yet another example, intercepting messaging transmissions can be parsed inline and allowed to transmit (e.g., allowed), and the transmission or a portion of the transmission can be copied to memory for classifying the traffic flow. In some embodiments, implementing traffic control for network capacity controlled services is provided by intercepting or controlling or modulating UI notifications. In some embodiments, implementing traffic control for network capacity controlled services is provided by killing or suspending the network service activity. In some embodiments, implementing traffic control for network capacity controlled services is provided by deprioritizing the process(es) associated with the service activity (e.g., CPU scheduling deprioritization).

In some embodiments, implementing traffic control for network capacity controlled services using DAS techniques for network service usage activities that are unaware of network capacity control is provided by emulating network API messaging (e.g., effectively providing a spoofed or emulated network API). For example, an emulated network API can intercept, modify, block, remove, and/or replace network socket application interface messages and/or EtherType messages (e.g., EWOULDBLOCK, ENETDOWN, ENETUNREACH, EHOSTDOWN, EHOSTUNREACH, EALRADY, EINPROGRESS, ECONNREFUSED, EINPROGRESS, ETIMEDOUT, and/other such messages). As another example, an emulated network API can modify, swap, and/or inject network socket application interface messages (socket( ), connect( ), read( ), write( ), close( ), and other such messages) that provide for control or management of network service activity service usage behavior. As yet another example, before a connection is allowed to be opened (e.g., before a socket is opened), transmission, or a flow/stream is initiated, it is blocked and a message is sent back to the application (e.g., a reset message in response to a sync request or another message that the application will understand and can interpret to indicate that the network access attempt was not allowed/blocked, that the network is not available, and/or to try again later for the requested network access). As yet another example, the socket can be allowed to open but after some point in time (e.g., based on network service usage, network busy state, time based criteria, and/or some other criteria/measure), the stream is blocked or the socket is terminated. As yet another example, time window based traffic control techniques can be implemented (e.g., during non-peak, not network busy state times), such as by allowing network access for a period of time, blocking for a period of time, and then repeating to thereby effectively spread the network access out either randomly or deterministically. Using these techniques, an application that is unaware of network capacity control based traffic control can send and receive standard messaging, and the device can implement traffic controls based on the network capacity control policy using messaging that the network service usage activity (e.g., application or OS or software function) can understand and will respond to in a typically predictable manner as would now be apparent to one of ordinary skill in the art.

In some embodiments, implementing traffic control for network capacity controlled services using DAS techniques is provided using various techniques in which the network service usage activity is aware of network capacity control (e.g., the network service usage activity supports an API or other interface for implementing network capacity control). For example, a network access API as described herein can be used to implement traffic control for network capacity controlled services. In some embodiments, the API facilitates communication of one or more of the following: network access conditions, network busy state or network availability state of one or more networks or alternative networks, one or more network capacity controlled service policies (e.g., the network service can be of a current network access setting, such as allow/block, throttle, queue, scheduled time/time slot, and/or defer, which can be based on, for example, a current network, a current network busy state, a time based criteria, a service plan, a network service classification, and/or other criteria/measures), a network access request from a network service activity, a query/polled request to a network service activity, a network access grant to a network service activity (e.g., including a priority setting and/or network capacity controlled service classification, a scheduled time/time slot, an alternative network, and/or other criteria/measures), a network busy state or a network availability state or a network QoS state.

In some embodiments, implementing traffic control for network capacity controlled services using network assisted/based techniques is provided using various techniques in which the network service usage activity is unaware of network capacity control (e.g., does not support an API or other interface for implementing network capacity control). In some embodiments, DPI based techniques are used to control network capacity controlled services (e.g., to block or throttle network capacity controlled services at a DPI gateway).

In some embodiments, implementing traffic control for network capacity controlled services using network assisted/based techniques is provided using various techniques in which the network service usage activity is aware of network capacity control (e.g., does support an API or other interface for implementing network capacity control). In some embodiments, the application/messaging layer (e.g., a network API as described herein) is used to communicate with a network service activity to provide associated network capacity controlled service classifications and/or priorities, network busy state information or network availability of one or more networks or alternative networks, a network access request and response, and/other criteria/measures as similarly described herein.

In some embodiments, DAS for protecting network capacity includes implementing a service plan for differential charging based on network service usage activities (e.g., including network capacity controlled services). In some embodiments, the service plan includes differential charging for network capacity controlled services. In some embodiments, the service plan includes a cap network service usage for network capacity controlled services. In some embodiments, the service plan includes a notification when the cap is exceeded. In some embodiments, the service plan includes overage charges when the cap is exceeded. In some embodiments, the service plan includes modifying charging based on user input (e.g., user override selection as described herein, in which for example, overage charges are different for network capacity controlled services and/or based on priority levels and/or based on the current access network). In some embodiments, the service plan includes time based criteria restrictions for network capacity controlled services (e.g., time of day restrictions with or without override options). In some embodiments, the service plan includes network busy state based criteria restrictions for network capacity controlled services (e.g., with or without override options). In some embodiments, the service plan provides for network service activity controls to be overridden (e.g., one time, time window, usage amount, or permanent) (e.g., differentially charge for override, differentially cap for override, override with action based UI notification option, and/or override with UI setting). In some embodiments, the service plan includes family plan or multi-user plan (e.g., different network capacity controlled service settings for different users). In some embodiments, the service plan includes multi-device plan (e.g., different network capacity controlled service settings for different devices, such as smart phone v. laptop v. net book v. eBook). In some embodiments, the service plan includes free network capacity controlled service usage for certain times of day, network busy state(s), and/or other criteria/measures. In some embodiments, the service plan includes network dependent charging for network capacity controlled services. In some embodiments, the service plan includes network preference/prioritization for network capacity controlled services. In some embodiments, the service plan includes arbitration billing to bill a carrier partner or sponsored service partner for the access provided to a destination, application, or other network capacity controlled service. In some embodiments, the service plan includes arbitration billing to bill an application developer for the access provided to a destination, application or other network capacity controlled service.

In some application scenarios, excess network capacity demand can be caused by modem power state changes on the device. For example, when an application or OS function attempts to connect to the network for any reason when the modem is in a power save state wherein the modem is not connected to the network, it can cause the modem to change power save state, reconnect to the network, and then initiate the application network connection. In some cases, this can also cause the network to re-initiate a modem connection session (e.g., PPP session) which in addition to the network capacity consumed by the basic modem connection also consumes network resources for establishing the PPP session. Accordingly, in some embodiments, network service usage activity control policies are implemented that limit or control the ability of applications, OS functions, and/or other network service usage activities (e.g., network capacity controlled services) from changing the modem power control state or network connection state. In some embodiments, a service usage activity is prevented or limited from awakening the modem, changing the power state of the modem, or causing the modem to connect to the network until a given time window is reached. In some embodiments, the frequency a service usage activity is allowed to awakening the modem, changing the power state of the modem, or causing the modem is limited. In some embodiments, a network service usage activity is prevented from awakening the modem, changing the power state of the modem, or causing the modem until a time delay has passed. In some embodiments, a network service usage activity is prevented from awakening the modem, changing the power state of the modem, or causing the modem until multiple network service usage activities require such changes in modem state, or until network service usage activity is aggregated to increase network capacity and/or network resource utilization efficiency. In some embodiments, limiting the ability of a network service usage activity to change the power state of a modem includes not allowing the activity to power the modem off, place the modem in sleep mode, or disconnect the modem from the network. In some embodiments, these limitations on network service usage activity to awaken the modem, change the power state of the modem, or cause the modem to connect to a network are set by a central network function (e.g., a service controller or other network element/function) policy communication to the modem. In some embodiments, these power control state policies are updated by the central network function.

FIG. 11 depicts an example of a computer system 1100 on which techniques described in this paper can be implemented. The computer system 1100 may be a conventional computer system that can be used as a client computer system, such as a wireless client or a workstation, or a server computer system. The computer system 1100 includes a computer 1102, I/O devices 1104, and a display device 1106. The computer 1102 includes a processor 1108, a communications interface 1110, memory 1112, display controller 1114, non-volatile storage 1116, and I/O controller 1118. The computer 1102 may be coupled to or include the I/O devices 1104 and display device 1106.

The computer 1102 interfaces to external systems through the communications interface 1110, which may include a modem or network interface. It will be appreciated that the communications interface 1110 can be considered to be part of the computer system 1100 or a part of the computer 1102. The communications interface 1110 can be an analog modem, ISDN modem, cable modem, token ring interface, satellite transmission interface (e.g. “direct PC”), or other interfaces for coupling a computer system to other computer systems.

The processor 1108 may be, for example, a conventional microprocessor such as an Intel Pentium microprocessor or Motorola power PC microprocessor. The memory 1112 is coupled to the processor 1108 by a bus 1170. The memory 1112 can be Dynamic Random Access Memory (DRAM) and can also include Static RAM (SRAM). The bus 1170 couples the processor 1108 to the memory 1112, also to the non-volatile storage 1116, to the display controller 1114, and to the I/O controller 1118.

The I/O devices 1104 can include a keyboard, disk drives, printers, a scanner, and other input and output devices, including a mouse or other pointing device. The display controller 1114 may control in the conventional manner a display on the display device 1106, which can be, for example, a cathode ray tube (CRT) or liquid crystal display (LCD). The display controller 1114 and the I/O controller 1118 can be implemented with conventional well known technology.

The non-volatile storage 1116 is often a magnetic hard disk, an optical disk, or another form of storage for large amounts of data. Some of this data is often written, by a direct memory access process, into memory 1112 during execution of software in the computer 1102. One of skill in the art will immediately recognize that the terms “machine-readable medium” or “computer-readable medium” includes any type of storage device that is accessible by the processor 1108 and also encompasses a carrier wave that encodes a data signal.

The computer system 1100 is one example of many possible computer systems which have different architectures. For example, personal computers based on an Intel microprocessor often have multiple buses, one of which can be an I/O bus for the peripherals and one that directly connects the processor 1108 and the memory 1112 (often referred to as a memory bus). The buses are connected together through bridge components that perform any necessary translation due to differing bus protocols.

Network computers are another type of computer system that can be used in conjunction with the teachings provided herein. Network computers do not usually include a hard disk or other mass storage, and the executable programs are loaded from a network connection into the memory 1112 for execution by the processor 1108. A Web TV system, which is known in the art, is also considered to be a computer system, but it may lack some of the features shown in FIG. 11, such as certain input or output devices. A typical computer system will usually include at least a processor, memory, and a bus coupling the memory to the processor.

In addition, the computer system 1100 is controlled by operating system software which includes a file management system, such as a disk operating system, which is part of the operating system software. One example of operating system software with its associated file management system software is the family of operating systems known as Windows® from Microsoft Corporation of Redmond, Wash., and their associated file management systems. Another example of operating system software with its associated file management system software is the Linux operating system and its associated file management system. The file management system is typically stored in the non-volatile storage 1116 and causes the processor 1108 to execute the various acts required by the operating system to input and output data and to store data in memory, including storing files on the non-volatile storage 1116.

Some portions of the detailed description are presented in terms of algorithms and symbolic representations of operations on data bits within a computer memory. These algorithmic descriptions and representations are the means used by those skilled in the data processing arts to most effectively convey the substance of their work to others skilled in the art. An algorithm is here, and generally, conceived to be a self-consistent sequence of operations leading to a desired result. The operations are those requiring physical manipulations of physical quantities. Usually, though not necessarily, these quantities take the form of electrical or magnetic signals capable of being stored, transferred, combined, compared, and otherwise manipulated. It has proven convenient at times, principally for reasons of common usage, to refer to these signals as bits, values, elements, symbols, characters, terms, numbers, or the like.

It should be borne in mind, however, that all of these and similar terms are to be associated with the appropriate physical quantities and are merely convenient labels applied to these quantities. Unless specifically stated otherwise as apparent from the following discussion, it is appreciated that throughout the description, discussions utilizing terms such as “processing” or “computing” or “calculating” or “determining” or “displaying” or the like, refer to the action and processes of a computer system, or similar electronic computing device, that manipulates and transforms data represented as physical (electronic) quantities within the computer system's registers and memories into other data similarly represented as physical quantities within the computer system memories or registers or other such information storage, transmission or display devices.

The present invention, in some embodiments, also relates to apparatus for performing the operations herein. This apparatus may be specially constructed for the required purposes, or it may comprise a general purpose computer selectively activated or reconfigured by a computer program stored in the computer. Such a computer program may be stored in a computer readable storage medium, such as, but is not limited to, read-only memories (ROMs), random access memories (RAMs), EPROMs, EEPROMs, magnetic or optical cards, any type of disk including floppy disks, optical disks, CD-ROMs, and magnetic-optical disks, or any type of media suitable for storing electronic instructions, and each coupled to a computer system bus.

The algorithms and displays presented herein are not inherently related to any particular computer or other apparatus. Various general purpose systems may be used with programs in accordance with the teachings herein, or it may prove convenient to construct more specialized apparatus to perform the required method steps. The required structure for a variety of these systems will appear from the description below. In addition, the present invention is not described with reference to any particular programming language, and various embodiments may thus be implemented using a variety of programming languages.

Although the foregoing embodiments have been described in some detail for purposes of clarity of understanding, the invention is not limited to the details provided. There are many alternative ways of implementing the invention. The disclosed embodiments are illustrative and not restrictive.

INCORPORATION BY REFERENCE

The following U.S. applications are hereby incorporated by reference for all purposes: application Ser. No. 13/248,025, filed Sep. 28, 2011, entitled SERVICE DESIGN CENTER FOR DEVICE ASSISTED SERVICES; application Ser. No. 13/134,028, filed May 25, 2011, entitled DEVICE-ASSISTED SERVICES FOR PROTECTING NETWORK CAPACITY, now U.S. Pat. No. 8,589,541 (issued Nov. 19, 2013); application Ser. No. 13/134,005, filed May 25, 2011, entitled SYSTEM AND METHOD FOR WIRELESS NETWORK OFFLOADING, now U.S. Pat. No. 8,635,335 (issued Jan. 21, 2014); application Ser. No. 12/695,021, filed Jan. 27, 2010, entitled QUALITY OF SERVICE FOR DEVICE ASSISTED SERVICES, now U.S. Pat. No. 8,346,225 (issued Jan. 1, 2013); application Ser. No. 12/380,780, entitled AUTOMATED DEVICE PROVISIONING AND ACTIVATION, filed Mar. 2, 2009, now U.S. Pat. No. 8,839,388 (issued Sep. 16, 2014); application Ser. No. 12/380,778, filed Mar. 2, 2009, entitled VERIFIABLE DEVICE ASSISTED SERVICE USAGE BILLING WITH INTEGRATED ACCOUNTING, MEDIATION ACCOUNTING, AND MULTI-ACCOUNT, now U.S. Pat. No. 8,321,526 (issued Nov. 27, 2012); Provisional Application No. 61/206,354, entitled SERVICES POLICY COMMUNICATION SYSTEM AND METHOD, filed Jan. 28, 2009; Provisional Application No. 61/206,944, entitled SERVICES POLICY COMMUNICATION SYSTEM AND METHOD, filed Feb. 4, 2009; Provisional Application No. 61/207,393, entitled SERVICES POLICY COMMUNICATION SYSTEM AND METHOD filed Feb. 10, 2009; Provisional Application No. 61/207,739, entitled SERVICES POLICY COMMUNICATION SYSTEM AND METHOD filed Feb. 13, 2009; Provisional Application No. 61/252,151, filed Oct. 15, 2009, entitled SECURITY TECHNIQUES FOR DEVICE ASSISTED SERVICES; Provisional Application No. 61/252,153, filed Oct. 15, 2009, entitled DEVICE GROUP PARTITIONS AND SETTLEMENT PLATFORM; Provisional Application No. 61/348,022, filed May 25, 2010, entitled DEVICE ASSISTED SERVICES FOR PROTECTING NETWORK CAPACITY; Provisional Application No. 61/381,159, filed Sep. 9, 2010, entitled DEVICE ASSISTED SERVICES FOR PROTECTING NETWORK CAPACITY; Provisional Application No. 61/407,358, filed Oct. 27, 2010, entitled SERVICE CONTROLLER AND SERVICE PROCESSOR ARCHITECTURE; Provisional Application No. 61/422,572, filed Dec. 13, 2010, entitled SYSTEM INTERFACES AND WORKFLOWS FOR DEVICE ASSISTED SERVICES; Provisional Application No. 61/422,574, filed Dec. 13, 2010, entitled SECURITY AND FRAUD DETECTION FOR DEVICE ASSISTED SERVICES; Provisional Application No. 61/435,564, filed Jan. 24, 2011, entitled FRAMEWORK FOR DEVICE ASSISTED SERVICES; Provisional Application No. 61/472,606, filed Apr. 6, 2011, entitled MANAGING SERVICE USER DISCOVERY AND SERVICE LAUNCH OBJECT PLACEMENT ON A DEVICE; and Provisional Application No. 61/422,565, filed Dec. 13, 2010, entitled SERVICE DESIGN CENTER FOR DEVICE ASSISTED SERVICES. 

1. (canceled)
 2. A method for operating a service design system to implement a service plan including one or more wireless network data services to be provided by one or more wireless access networks to one or more wireless end-user devices, the method comprising: accepting, via a service design system interface mechanism, user input defining an event associated with a use of at least one of the wireless access networks according to the service plan; receiving, via the service design system interface, user input specifying a plurality of service policies associated with the defined event, the service policies including at least two of an access policy that defines rights to access a wireless network data service, a service accounting policy that defines accounting for using the wireless network data service, and a notification policy that defines when to provide notifications corresponding to the wireless network data service; and creating a definition for the service plan based at least in part on the defined event and the at least two specified service policies; and translating the service plan definition into instructions that, when used to program one or more policy implementation elements, cause the one or more policy implementation elements to implement the specified service policies when the event is detected for at least one applicable wireless end-user device's use of at least one of the wireless access networks, the at least one applicable wireless end-user device subject to the service plan.
 3. The method of claim 2, further comprising: identifying a first group of wireless end-user devices to be bound to the service plan; and providing the instructions to one or more policy implementation elements to cause the specified service policies to take effect for the first group of wireless end-user devices.
 4. The method of claim 3, wherein at least one of the first group of wireless end-user devices subscribes to the service plan.
 5. The method of claim 2, wherein the interface mechanism includes one or more picklists for defining the event, each picklist including a plurality of options.
 6. The method of claim 5, wherein the one or more picklists include: a first picklist that includes at least one option that corresponds to a measure for an amount of usage of a wireless network data service; and one or more second picklists that include options for specifying the amount of usage.
 7. The method of claim 2, further comprising: receiving, via the service design center interface mechanism, user input specifying one or more device states of a wireless end-user device, wherein a device state is a property of the device; and associating the device state with the event definition.
 8. The method of claim 7, wherein the device state comprises whether a given application is presently executing on the device.
 9. The method of claim 7, wherein the device state comprises a location of the device.
 10. The method of claim 7, wherein the association comprises a conditional relationship wherein the device state is present when the defined event is detected.
 11. The method of claim 7, wherein the association comprises a conditional relationship that specifies one or more window criteria between when the defined event is detected and when the device state is present on the device.
 12. The method of claim 11, wherein the window criteria includes an order of occurrence between the event and the device state. 